Demo Title
| Risk Level | Number of Alerts |
|---|---|
| High | 0 |
| Medium | 3 |
| Low | 3 |
| False Positives | 0 |
| Name | Risk Level | Number of Instances |
|---|---|---|
| Absence of Anti-CSRF Tokens | Medium | 40 |
| Content Security Policy (CSP) Header Not Set | Medium | 48 |
| Missing Anti-clickjacking Header | Medium | 44 |
| Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) | Low | 62 |
| Server Leaks Version Information via "Server" HTTP Response Header Field | Low | 74 |
| X-Content-Type-Options Header Missing | Low | 68 |
| HTTP Response Code | Number of Responses |
|---|---|
| 404 Not Found | 4 |
| 200 OK | 87 |
| 302 Found | 2 |
| Technology | Version | Categories | Implies |
|---|---|---|---|
| Adobe Flash | | Programming languages | |
| Cart Functionality | | Ecommerce | |
| DreamWeaver | | Editors | |
| Nginx | 1.19.0 | Web servers, Reverse proxies | |
| PHP | 5.6.40 | Programming languages | |
| Ubuntu | | Operating systems | |
| Medium | Absence of Anti-CSRF Tokens |
|---|---|

Description:

No Anti-CSRF tokens were found in an HTML submission form.

A cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent, in order to perform an action as the victim. The underlying cause is application functionality that uses predictable URL/form actions in a repeatable way. The nature of the attack is that CSRF exploits the trust that a web site has for a user. By contrast, cross-site scripting (XSS) exploits the trust that a user has for a web site. Like XSS, CSRF attacks are not necessarily cross-site, but they can be. Cross-site request forgery is also known as CSRF, XSRF, one-click attack, session riding, confused deputy, and sea surf.

CSRF attacks are effective in a number of situations, including:

* The victim has an active session on the target site.
* The victim is authenticated via HTTP auth on the target site.
* The victim is on the same local network as the target site.

CSRF has primarily been used to perform an action against a target site using the victim's privileges, but more recent techniques have been discovered that disclose information by gaining access to the response. The risk of information disclosure is dramatically increased when the target site is vulnerable to XSS, because XSS can be used as a platform for CSRF, allowing the attack to operate within the bounds of the same-origin policy.
| URL | http://testphp.vulnweb.com |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | `<form action="search.php?test=query" method="post">` |

Request Header (size: 238 bytes):

```http
GET http://testphp.vulnweb.com HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
```

Request Body (size: 0 bytes): empty.

Response Header (size: 407 bytes):

```http
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:51:59 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4958
```

Response Body (size: 4,958 bytes): full HTML of the page, containing the `search.php` form quoted under Evidence.
| URL | http://testphp.vulnweb.com/artists.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | `<form action="search.php?test=query" method="post">` |

Request Header (size: 287 bytes):

```http
GET http://testphp.vulnweb.com/artists.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com
```

Request Body (size: 0 bytes): empty.

Response Header (size: 407 bytes):

```http
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5328
```

Response Body (size: 5,328 bytes): full HTML of the page, containing the `search.php` form quoted under Evidence.
| URL | http://testphp.vulnweb.com/artists.php?artist=1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | `<form action="search.php?test=query" method="post">` |

Request Header (size: 308 bytes):

```http
GET http://testphp.vulnweb.com/artists.php?artist=1 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php
```

Request Body (size: 0 bytes): empty.

Response Header (size: 407 bytes):

```http
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6251
```

Response Body (size: 6,251 bytes): full HTML of the page, containing the `search.php` form quoted under Evidence.
| URL | http://testphp.vulnweb.com/artists.php?artist=2 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | `<form action="search.php?test=query" method="post">` |

Request Header (size: 308 bytes):

```http
GET http://testphp.vulnweb.com/artists.php?artist=2 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php
```

Request Body (size: 0 bytes): empty.

Response Header (size: 407 bytes):

```http
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6193
```

Response Body (size: 6,193 bytes): full HTML of the page, containing the `search.php` form quoted under Evidence.
| URL | http://testphp.vulnweb.com/artists.php?artist=3 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | `<form action="search.php?test=query" method="post">` |

Request Header (size: 308 bytes):

```http
GET http://testphp.vulnweb.com/artists.php?artist=3 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php
```

Request Body (size: 0 bytes): empty.

Response Header (size: 407 bytes):

```http
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6193
```

Response Body (size: 6,193 bytes): full HTML of the page, containing the `search.php` form quoted under Evidence.
| URL | http://testphp.vulnweb.com/cart.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 284 bytes. |
GET http://testphp.vulnweb.com/cart.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4903 |
| Response Body - size: 4,903 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>you cart</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Error</h2> <div class='story'> <p>You are not logged on. 
To log on please visit our <a href='login.php'>login page</a></p> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div 
style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/categories.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 290 bytes. |
GET http://testphp.vulnweb.com/categories.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6115 |
| Response Body - size: 6,115 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture categories</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id="pageName">categories</h2> <div class='story'><a 
href='listproducts.php?cat=1'><h3>Posters</h3></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenati</div><div class='story'><a href='listproducts.php?cat=2'><h3>Paintings</h3></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenati</div><div class='story'><a href='listproducts.php?cat=3'><h3>Stickers</h3></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenati</div><div class='story'><a href='listproducts.php?cat=4'><h3>Graffity</h3></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. 
Cras venenati</div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p 
style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/disclaimer.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 290 bytes. |
GET http://testphp.vulnweb.com/disclaimer.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5524 |
| Response Body - size: 5,524 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>disclaimer</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id="pageName">Disclaimer</h2> <div class="story"> <h6>Please read carefully</h6> <p>This 
website is created to demonstrate the abilities of Acunetix new product <strong>WEB Vulnerability Scanner</strong>.</p> It is not intended to be a real online shop. Also this website was constructed with common web programming errors so it is buggy. <p>Please do not post any confidential information on this site. Do not give any creditcard number or real address, nor e-mail or website addresses.</p> <p>Information you post on this site are by no means private nor protected!</p> <p>All images on this site were generated with fre software <a href="http://www.eclectasy.com/Fractal-Explorer/index.html" target="_blank"> <strong>Fractal Explorer</strong></a>.</p> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> 
<param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/guestbook.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="" method="post" name="faddentry"> |
| Request Header - size: 289 bytes. |
GET http://testphp.vulnweb.com/guestbook.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5390 |
| Response Body - size: 5,390 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>guestbook</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <div class="story"> <table width="100%" cellpadding="4" cellspacing="1"><tr><td colspan="2"><h2>Our 
guestbook</h2></td></tr><tr><td align="left" valign="middle" style="background-color:#F5F5F5"><strong></strong></td><td align="right" style="background-color:#F5F5F5">04.01.2025, 5:52 am</td></tr><tr><td colspan="2"><img src="/images/remark.gif"> </td></tr></table> </div> <div class="story"> <form action="" method="post" name="faddentry"> <input type="hidden" name="name" value="anonymous user"> <textarea name="text" rows="5" wrap="VIRTUAL" style="width:500px;"></textarea> <br> <input type="submit" name="submit" value="add message"> </form> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high 
pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/guestbook.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 289 bytes. |
GET http://testphp.vulnweb.com/guestbook.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5390 |
| Response Body - size: 5,390 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>guestbook</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <div class="story"> <table width="100%" cellpadding="4" cellspacing="1"><tr><td colspan="2"><h2>Our 
guestbook</h2></td></tr><tr><td align="left" valign="middle" style="background-color:#F5F5F5"><strong></strong></td><td align="right" style="background-color:#F5F5F5">04.01.2025, 5:52 am</td></tr><tr><td colspan="2"><img src="/images/remark.gif"> </td></tr></table> </div> <div class="story"> <form action="" method="post" name="faddentry"> <input type="hidden" name="name" value="anonymous user"> <textarea name="text" rows="5" wrap="VIRTUAL" style="width:500px;"></textarea> <br> <input type="submit" name="submit" value="add message"> </form> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high 
pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/index.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 285 bytes. |
GET http://testphp.vulnweb.com/index.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4958 |
| Response Body - size: 4,958 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>Home of Acunetix Art</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id="pageName">welcome to our page</h2> <div class="story"> <h3>Test site for 
Acunetix WVS.</h3> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | <a href="/Mod_Rewrite_Shop/">Shop</a> | <a href="/hpp/">HTTP Parameter Pollution</a> | ©2019 Acunetix Ltd </div> <br> <div 
style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/listproducts.php?artist=1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 322 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?artist=1 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php?artist=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 7994 |
| Response Body - size: 7,994 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>pictures</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>r4w8173</h2><div class='story'><a href='product.php?pic=1'><h3>The shore</h3></a><p><a 
href='showimage.php?file=./pictures/1.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/1.jpg&size=160' width='160' height='100'></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu.</p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p><a href='#' onClick="window.open('./comment.php?pid=1','comment','width=500,height=400')">comment on this picture</a></p></div><div class='story'><a href='product.php?pic=2'><h3>Mistery</h3></a><p><a href='showimage.php?file=./pictures/2.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/2.jpg&size=160' width='160' height='100'></a>Donec molestie. Sed aliquam sem ut arcu.</p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p><a href='#' onClick="window.open('./comment.php?pid=2','comment','width=500,height=400')">comment on this picture</a></p></div><div class='story'><a href='product.php?pic=3'><h3>The universe</h3></a><p><a href='showimage.php?file=./pictures/3.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/3.jpg&size=160' width='160' height='100'></a>Lorem ipsum dolor sit amet. Donec molestie. Sed aliquam sem ut arcu.</p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p><a href='#' onClick="window.open('./comment.php?pid=3','comment','width=500,height=400')">comment on this picture</a></p></div><div class='story'><a href='product.php?pic=4'><h3>Walking</h3></a><p><a href='showimage.php?file=./pictures/4.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/4.jpg&size=160' width='160' height='100'></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. 
</p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p><a href='#' onClick="window.open('./comment.php?pid=4','comment','width=500,height=400')">comment on this picture</a></p></div><div class='story'><a href='product.php?pic=5'><h3>Mean</h3></a><p><a href='showimage.php?file=./pictures/5.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/5.jpg&size=160' width='160' height='100'></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit.</p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p><a href='#' onClick="window.open('./comment.php?pid=5','comment','width=500,height=400')">comment on this picture</a></p></div><div class='story'><a href='product.php?pic=6'><h3>Thing</h3></a><p><a href='showimage.php?file=./pictures/6.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/6.jpg&size=160' width='160' height='100'></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. 
</p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p><a href='#' onClick="window.open('./comment.php?pid=6','comment','width=500,height=400')">comment on this picture</a></p></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a 
href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/listproducts.php?artist=2 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 322 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?artist=2 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php?artist=2 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5193 |
| Response Body - size: 5,193 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>pictures</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Blad3</h2><div class='story'><a href='product.php?pic=7'><h3>Trees</h3></a><p><a 
href='showimage.php?file=./pictures/7.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/7.jpg&size=160' width='160' height='100'></a>bla bla bla</p><p>painted by: <a href='artists.php?artist=2'>Blad3</a></p><p><a href='#' onClick="window.open('./comment.php?pid=7','comment','width=500,height=400')">comment on this picture</a></p></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" 
height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/listproducts.php?artist=3 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 322 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?artist=3 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php?artist=3 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4699 |
| Response Body - size: 4,699 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>pictures</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" 
method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. 
It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 313 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?cat=1 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/categories.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 7880 |
| Response Body - size: 7,880 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>pictures</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Posters</h2><div class='story'><a href='product.php?pic=1'><h3>The shore</h3></a><p><a 
href='showimage.php?file=./pictures/1.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/1.jpg&size=160' width='160' height='100'></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu.</p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p><a href='#' onClick="window.open('./comment.php?pid=1','comment','width=500,height=400')">comment on this picture</a></p></div><div class='story'><a href='product.php?pic=2'><h3>Mistery</h3></a><p><a href='showimage.php?file=./pictures/2.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/2.jpg&size=160' width='160' height='100'></a>Donec molestie. Sed aliquam sem ut arcu.</p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p><a href='#' onClick="window.open('./comment.php?pid=2','comment','width=500,height=400')">comment on this picture</a></p></div><div class='story'><a href='product.php?pic=3'><h3>The universe</h3></a><p><a href='showimage.php?file=./pictures/3.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/3.jpg&size=160' width='160' height='100'></a>Lorem ipsum dolor sit amet. Donec molestie. Sed aliquam sem ut arcu.</p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p><a href='#' onClick="window.open('./comment.php?pid=3','comment','width=500,height=400')">comment on this picture</a></p></div><div class='story'><a href='product.php?pic=4'><h3>Walking</h3></a><p><a href='showimage.php?file=./pictures/4.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/4.jpg&size=160' width='160' height='100'></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. 
</p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p><a href='#' onClick="window.open('./comment.php?pid=4','comment','width=500,height=400')">comment on this picture</a></p></div><div class='story'><a href='product.php?pic=5'><h3>Mean</h3></a><p><a href='showimage.php?file=./pictures/5.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/5.jpg&size=160' width='160' height='100'></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit.</p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p><a href='#' onClick="window.open('./comment.php?pid=5','comment','width=500,height=400')">comment on this picture</a></p></div><div class='story'><a href='product.php?pic=7'><h3>Trees</h3></a><p><a href='showimage.php?file=./pictures/7.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/7.jpg&size=160' width='160' height='100'></a>bla bla bla</p><p>painted by: <a href='artists.php?artist=2'>Blad3</a></p><p><a href='#' onClick="window.open('./comment.php?pid=7','comment','width=500,height=400')">comment on this picture</a></p></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a 
href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/listproducts.php?cat=2 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 313 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?cat=2 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/categories.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5311 |
| Response Body - size: 5,311 bytes. |
|
| URL | http://testphp.vulnweb.com/listproducts.php?cat=3 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 313 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?cat=3 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/categories.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4699 |
| Response Body - size: 4,699 bytes. |
|
| URL | http://testphp.vulnweb.com/listproducts.php?cat=4 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 313 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?cat=4 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/categories.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4699 |
| Response Body - size: 4,699 bytes. |
|
| URL | http://testphp.vulnweb.com/login.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form name="loginform" method="post" action="userinfo.php"> |
| Request Header - size: 285 bytes. |
GET http://testphp.vulnweb.com/login.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5523 |
| Response Body - size: 5,523 bytes. |
|
| URL | http://testphp.vulnweb.com/login.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 285 bytes. |
GET http://testphp.vulnweb.com/login.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5523 |
| Response Body - size: 5,523 bytes. |
|
| URL | http://testphp.vulnweb.com/product.php?pic=1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form name='f_addcart' method='POST' action='cart.php'> |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=1 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6428 |
| Response Body - size: 6,428 bytes. |
| URL | http://testphp.vulnweb.com/product.php?pic=1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=1 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6428 |
| Response Body - size: 6,428 bytes. |
| URL | http://testphp.vulnweb.com/product.php?pic=2 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form name='f_addcart' method='POST' action='cart.php'> |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=2 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6368 |
| Response Body - size: 6,368 bytes. |
| URL | http://testphp.vulnweb.com/product.php?pic=2 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=2 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6368 |
| Response Body - size: 6,368 bytes. |
| URL | http://testphp.vulnweb.com/product.php?pic=3 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form name='f_addcart' method='POST' action='cart.php'> |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=3 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6401 |
| Response Body - size: 6,401 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>The universe</h2><div class='story'><p><a href='showimage.php?file=./pictures/3.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/3.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet. Donec molestie. Sed aliquam sem ut arcu.</p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $986</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='986'><input type='hidden' name='addcart' value='3'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> 
<div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=3 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=3 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6401 |
| Response Body - size: 6,401 bytes. |
| URL | http://testphp.vulnweb.com/product.php?pic=4 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form name='f_addcart' method='POST' action='cart.php'> |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=4 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6453 |
| Response Body - size: 6,453 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Walking</h2><div class='story'><p><a href='showimage.php?file=./pictures/4.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/4.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. </p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $1000</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='1000'><input type='hidden' name='addcart' value='4'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar 
--> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=4 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=4 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6453 |
| Response Body - size: 6,453 bytes. |
| URL | http://testphp.vulnweb.com/product.php?pic=5 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form name='f_addcart' method='POST' action='cart.php'> |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=5 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6382 |
| Response Body - size: 6,382 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Mean</h2><div class='story'><p><a href='showimage.php?file=./pictures/5.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/5.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit.</p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $460</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='460'><input type='hidden' name='addcart' value='5'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> 
<div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=5 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=5 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6382 |
| Response Body - size: 6,382 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Mean</h2><div class='story'><p><a href='showimage.php?file=./pictures/5.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/5.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit.</p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $460</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='460'><input type='hidden' name='addcart' value='5'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> 
<div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=6 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form name='f_addcart' method='POST' action='cart.php'> |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=6 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=2 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6454 |
| Response Body - size: 6,454 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Thing</h2><div class='story'><p><a href='showimage.php?file=./pictures/6.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/6.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. </p><h3>Long description</h3><p><p> This picture is an 99 cm x 200 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $10000</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='10000'><input type='hidden' name='addcart' value='6'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar 
--> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=6 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=6 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=2 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6454 |
| Response Body - size: 6,454 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Thing</h2><div class='story'><p><a href='showimage.php?file=./pictures/6.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/6.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. </p><h3>Long description</h3><p><p> This picture is an 99 cm x 200 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $10000</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='10000'><input type='hidden' name='addcart' value='6'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar 
--> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=7 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form name='f_addcart' method='POST' action='cart.php'> |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=7 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5734 |
| Response Body - size: 5,734 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Trees</h2><div class='story'><p><a href='showimage.php?file=./pictures/7.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/7.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>bla bla bla</p><h3>Long description</h3><p>bla bla bla long</p><p>painted by: <a href='artists.php?artist=2'>Blad3</a></p><p>the price of this item is: $15000</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='15000'><input type='hidden' name='addcart' value='7'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a 
href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=7 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=7 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5734 |
| Response Body - size: 5,734 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Trees</h2><div class='story'><p><a href='showimage.php?file=./pictures/7.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/7.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>bla bla bla</p><h3>Long description</h3><p>bla bla bla long</p><p>painted by: <a href='artists.php?artist=2'>Blad3</a></p><p>the price of this item is: $15000</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='15000'><input type='hidden' name='addcart' value='7'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a 
href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/signup.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | `<form name="form1" method="post" action="/secured/newuser.php">` |
| Request Header - size: 296 bytes. |
```http
GET http://testphp.vulnweb.com/signup.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/login.php
```
| Request Body - size: 0 bytes. |
| Response Header - size: 407 bytes. |
```http
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6033
```
| Response Body - size: 6,033 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>signup</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <div class="story"> <h2 id="pageName">Signup new user</h2> <h4>Please do not enter real information here.</h4> <h4>If you press the 
submit button you will be transferred to asecured connection.</h4> <form name="form1" method="post" action="/secured/newuser.php"> <table border="0" cellspacing="1" cellpadding="4"> <tr><td valign="top">Username:</td><td><input type="text" name="uuname" style="width:200px"></td></tr> <tr><td valign="top">Password:</td><td><input type="password" name="upass" style="width:200px"></td></tr> <tr><td valign="top">Retype password:</td><td><input type="password" name="upass2" style="width:200px"></td></tr> <tr><td valign="top">Name:</td><td><input type="text" name="urname" style="width:200px"></td></tr> <tr><td valign="top">Credit card number:</td><td><input type="text" name="ucc" style="width:200px"></td></tr> <tr><td valign="top">E-Mail:</td><td><input type="text" name="uemail" style="width:200px"></td></tr> <tr><td valign="top">Phone number:</td><td><input type="text" name="uphone" style="width:200px"></td></tr> <tr><td valign="top">Address:</td><td><textarea wrap="soft" name="uaddress" rows="5" style="width:200px"></textarea></td></tr> <tr><td colspan="2" align="right"><input type="submit" value="signup" name="signup"></td></tr> </table> </form> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a 
href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/signup.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | `<form action="search.php?test=query" method="post">` |
| Request / Response | Identical to the previous signup.php instance (same GET captured at 05:52:00, same 407-byte response header and 6,033-byte response body); this second finding is the site-wide search form in that same response, not a separate request. |
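All instances of this alert come from one passive check: every `<form>` in a response is searched for a field whose name matches a known anti-CSRF token name, and the form is reported when none is found. Reproducing that check offline shows why the site-wide search form is reported again on every page and separates it from the state-changing forms (signup, add to cart, guestbook entry), which are the ones worth fixing first. The script below is an added example written for this report, not ZAP's own rule code; the token-name set is an assumption modelled on the kind of names such rules look for, and the two sample pages are constructed from the signup.php markup recorded above.

```python
# Added example (not ZAP's code): stand-alone re-implementation of the idea
# behind the passive "Absence of Anti-CSRF Tokens" check, for offline triage.
from dataclasses import dataclass, field
from html.parser import HTMLParser
from typing import List, Optional, Tuple

# Assumed set of field names that identify an anti-CSRF token (matched
# case-insensitively). Not copied from ZAP's configuration; add your own.
TOKEN_NAMES = {
    "anticsrf", "csrftoken", "__requestverificationtoken",
    "csrfmiddlewaretoken", "authenticity_token", "owasp_csrftoken",
    "anoncsrf", "csrf_token", "_csrf", "_csrfsecret", "__csrf_magic",
    "csrf", "_token", "_csrf_token",
}


@dataclass
class Form:
    action: str
    method: str                                       # lower-cased
    fields: List[Tuple[Optional[str], str]] = field(default_factory=list)

    def names(self) -> List[str]:
        return [n for n, _ in self.fields if n]       # skip unnamed controls

    def has_token(self) -> bool:
        return any(n.lower() in TOKEN_NAMES for n in self.names())


class FormCollector(HTMLParser):
    """Collects every <form> and the named controls inside it."""

    def __init__(self) -> None:
        super().__init__()
        self.forms: List[Form] = []
        self._open: Optional[Form] = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._open = Form(action=a.get("action") or "",
                              method=(a.get("method") or "get").lower())
            self.forms.append(self._open)
        elif tag in ("input", "textarea", "select", "button") and self._open is not None:
            self._open.fields.append((a.get("name"), (a.get("type") or "text").lower()))

    def handle_endtag(self, tag):
        if tag == "form":
            self._open = None


def forms_without_token(html: str) -> List[Form]:
    """Return every form in `html` that carries no recognised anti-CSRF field."""
    p = FormCollector()
    p.feed(html)
    p.close()
    return [f for f in p.forms if not f.has_token()]


def summarize(html: str) -> List[Tuple[str, str, List[str]]]:
    """(action, method, field names) for each token-less form: the raw material
    for deciding whether a finding changes state (cart, guestbook, signup) or is
    the same search box reported on every page."""
    return [(f.action, f.method, f.names()) for f in forms_without_token(html)]


# Constructed sample: the two forms in the signup.php response above, reduced
# to the markup the check needs.
SIGNUP_PAGE = """
<form name="form1" method="post" action="/secured/newuser.php">
  <input type="text" name="uuname"><input type="password" name="upass">
  <input type="submit" value="signup" name="signup">
</form>
<form action="search.php?test=query" method="post">
  <input name="searchFor" type="text"><input name="goButton" type="submit" value="go">
</form>
"""

# Constructed sample: the signup form after a per-session token is added; the
# search form is left untouched, so the check still reports it.
HARDENED_SIGNUP = SIGNUP_PAGE.replace(
    '<input type="text" name="uuname">',
    '<input type="hidden" name="csrf_token" value="example-token-value">'
    '<input type="text" name="uuname">', 1)

if __name__ == "__main__":
    for action, method, names in summarize(SIGNUP_PAGE):
        print(f"{method.upper():5} {action:30} fields={names}")
```

Run it against the saved response bodies from this report to rebuild the instance list; the search form shows up once per page because it is part of the site template, and its only visible parameters are `searchFor` and `goButton`, so it is usually triaged behind the POST forms that add cart items or guestbook entries.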
| URL | http://testphp.vulnweb.com/cart.php |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | `<form action="search.php?test=query" method="post">` |
| Request Header - size: 372 bytes. |
```http
POST http://testphp.vulnweb.com/cart.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
content-type: application/x-www-form-urlencoded
referer: http://testphp.vulnweb.com/product.php?pic=1
content-length: 19
```
| Request Body - size: 19 bytes. |
```
price=500&addcart=1
```
| Response Header - size: 407 bytes. |
```http
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4903
```
| Response Body - size: 4,903 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>you cart</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Error</h2> <div class='story'> <p>You are not logged on. 
To log on please visit our <a href='login.php'>login page</a></p> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div 
style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/guestbook.php |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | `<form action="" method="post" name="faddentry">` |
| Request Header - size: 373 bytes. |
```http
POST http://testphp.vulnweb.com/guestbook.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
content-type: application/x-www-form-urlencoded
referer: http://testphp.vulnweb.com/guestbook.php
content-length: 33
```
| Request Body - size: 33 bytes. |
```
name=ZAP&text=&submit=add+message
```
| Response Header - size: 407 bytes. |
```http
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5393
```
| Response Body - size: 5,393 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>guestbook</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <div class="story"> <table width="100%" cellpadding="4" cellspacing="1"><tr><td colspan="2"><h2>Our 
guestbook</h2></td></tr><tr><td align="left" valign="middle" style="background-color:#F5F5F5"><strong>ZAP</strong></td><td align="right" style="background-color:#F5F5F5">04.01.2025, 5:52 am</td></tr><tr><td colspan="2"><img src="/images/remark.gif"> </td></tr></table> </div> <div class="story"> <form action="" method="post" name="faddentry"> <input type="hidden" name="name" value="anonymous user"> <textarea name="text" rows="5" wrap="VIRTUAL" style="width:500px;"></textarea> <br> <input type="submit" name="submit" value="add message"> </form> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high 
pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/guestbook.php |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | `<form action="search.php?test=query" method="post">` |
| Request / Response | Identical to the previous guestbook.php instance (same POST captured at 05:52:01, same 407-byte response header and 5,393-byte response body); this second finding is the site-wide search form in that same response, not a separate request. |
| URL | http://testphp.vulnweb.com/search.php?test=query |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | <form action="search.php?test=query" method="post"> |
| Request Header - size: 367 bytes. |
POST http://testphp.vulnweb.com/search.php?test=query HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
content-type: application/x-www-form-urlencoded
referer: http://testphp.vulnweb.com
content-length: 25 |
| Request Body - size: 25 bytes. |
searchFor=ZAP&goButton=go
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4772 |
| Response Body - size: 4,772 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>search</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>searched for: ZAP</h2></div> <!-- InstanceEndEditable --> <!--end content --> 
<div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. 
This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| Instances | 40 |
| Solution |
Phase: Architecture and Design
Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
For example, use anti-CSRF packages such as the OWASP CSRFGuard.
Phase: Implementation
Ensure that your application is free of cross-site scripting issues, because most CSRF defenses can be bypassed using attacker-controlled script.
Phase: Architecture and Design
Generate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable (CWE-330).
Note that this can be bypassed using XSS.
Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended to perform that operation.
Note that this can be bypassed using XSS.
Use the ESAPI Session Management control.
This control includes a component for CSRF.
Do not use the GET method for any request that triggers a state change.
Phase: Implementation
Check the HTTP Referer header to see if the request originated from an expected page. This could break legitimate functionality, because users or proxies may have disabled sending the Referer for privacy reasons.
|
| Reference |
https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
https://cwe.mitre.org/data/definitions/352.html |
| Tags |
OWASP_2021_A01
WSTG-v42-SESS-05
OWASP_2017_A05
CWE-352 |
| CWE Id | 352 |
| WASC Id | 9 |
| Plugin Id | 10202 |
|
Medium |
Content Security Policy (CSP) Header Not Set |
|---|---|
| Description |
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
|
| URL | http://testphp.vulnweb.com |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 238 bytes. |
GET http://testphp.vulnweb.com HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:51:59 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4958 |
| Response Body - size: 4,958 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>Home of Acunetix Art</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id="pageName">welcome to our page</h2> <div class="story"> <h3>Test site for 
Acunetix WVS.</h3> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | <a href="/Mod_Rewrite_Shop/">Shop</a> | <a href="/hpp/">HTTP Parameter Pollution</a> | ©2019 Acunetix Ltd </div> <br> <div 
style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/AJAX/index.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 290 bytes. |
GET http://testphp.vulnweb.com/AJAX/index.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4236 |
| Response Body - size: 4,236 bytes. |
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>ajax test</title> <link href="styles.css" rel="stylesheet" type="text/css" /> <script type="text/javascript"> var httpreq = null; function SetContent(XML) { var items = XML.getElementsByTagName('items').item(0).getElementsByTagName('item'); var inner = '<ul>'; for(i=0; i<items.length; i++){ inner = inner + '<li><a href="javascript:getInfo(\'' + items[i].attributes.item(0).value + '\', \'' + items[i].attributes.item(1).value + '\')">' + items[i].firstChild.nodeValue + '</a></li>'; } inner = inner + '</ul>' cd = document.getElementById('contentDiv'); cd.innerHTML = inner; id = document.getElementById('infoDiv'); id.innerHTML = ''; } function httpCompleted() { if (httpreq.readyState==4 && httpreq.status==200) { SetContent(httpreq.responseXML); httpreq = null; } } function SetInfo(XML) { var ii = XML.getElementsByTagName('iteminfo').item(0); var inner = ''; inner = inner + '<p><strong>' + ii.getElementsByTagName('name').item(0).firstChild.nodeValue + '</strong></p>'; pict = ii.getElementsByTagName('picture'); if(pict.length>0){ inner = inner + '<img src="../showimage.php?file=' + pict.item(0).firstChild.nodeValue + '"/>'; } descs = ii.getElementsByTagName('description'); for (i=0; i<descs.length; i++){ inner = inner + '<p>' + descs.item(i).firstChild.nodeValue + '</p>'; } id = document.getElementById('infoDiv'); id.innerHTML = inner; } function httpInfoCompleted() { if (httpreq.readyState==4 && httpreq.status==200) { SetInfo(httpreq.responseXML); httpreq = null; } } function loadSomething(what) { getHttpRequest(); httpreq.open('GET', what, true); httpreq.send(''); } function getInfo(where, which) { getHttpRequest(); httpreq.onreadystatechange = httpInfoCompleted; if (where=='infotitle'){ httpreq.open('POST', where+'.php', true); httpreq.setRequestHeader('content-type', 'application/x-www-form-urlencoded'); httpreq.send('id='+which); } 
else { httpreq.open('GET', where+'.php?id='+which, true); httpreq.send(''); } } function xmlCompleted () { if (httpreq.readyState==4 && httpreq.status==200) { xd = document.getElementById('xmlDiv'); xd.innerHTML = httpreq.responseText; httpreq = null; } } function sendXML () { getHttpRequest(); httpreq.onreadystatechange = xmlCompleted; httpreq.open('POST', 'showxml.php'); httpreq.setRequestHeader('content-type', 'text/xml'); httpreq.send('<xml><node name="nodename1">nodetext1</node><node name="nodename2">nodetext2</node></xml>'); } function getHttpRequest() { // free the curent one if (httpreq!=null){ httpreq.abort(); httpreq = null; } if( window.XMLHttpRequest ) { httpreq = new XMLHttpRequest(); if (httpreq.overrideMimeType) { httpreq.overrideMimeType('text/xml'); } } else if(ActiveXObject) { httpreq = new ActiveXObject("Msxml2.XMLHTTP"); } httpreq.onreadystatechange = httpCompleted; } function SetMyCookie() { document.cookie = "mycookie=3"; alert('A cookie was set by JavaScript.'); } </script> </head> <body> <table border="0" cellpadding="3" width="500" align="center"> <tr> <td class="bordered"> <a href="javascript:loadSomething('artists.php');">artists</a> | <a href="javascript:loadSomething('categories.php');">categories</a> | <a href="#" onclick="loadSomething('titles.php')">titles</a> | <a href="#" onclick="sendXML()">send xml</a> | <a href="#" onclick="SetMyCookie()">setcookie</a> </td> </tr> <tr> <td> <div id="contentDiv"> </div> </td> </tr> <tr> <td> <div id="infoDiv"> </div> </td> </tr> <tr> <td> <div id="xmlDiv"> </div> </td> </tr> </table> </body> </html> |
| URL | http://testphp.vulnweb.com/artists.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 287 bytes. |
GET http://testphp.vulnweb.com/artists.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5328 |
| Response Body - size: 5,328 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>artists</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <div class='story'><a href='artists.php?artist=1'><h3>r4w8173</h3></a><p><a href='#' 
onClick="window.open('./comment.php?aid=1','comment','width=500,height=400')">comment on this artist</a></p></div><div class='story'><a href='artists.php?artist=2'><h3>Blad3</h3></a><p><a href='#' onClick="window.open('./comment.php?aid=2','comment','width=500,height=400')">comment on this artist</a></p></div><div class='story'><a href='artists.php?artist=3'><h3>lyzae</h3></a><p><a href='#' onClick="window.open('./comment.php?aid=3','comment','width=500,height=400')">comment on this artist</a></p></div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high 
pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/artists.php?artist=1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 308 bytes. |
GET http://testphp.vulnweb.com/artists.php?artist=1 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6251 |
| Response Body - size: 6,251 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>artists</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>artist: r4w8173</h2><div class='story'><p><p> Lorem ipsum dolor sit amet, 
consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. </p> <p> Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. 
</p></p><p><a href='listproducts.php?artist=1'>view pictures of the artist</a></p><p><a href='#' onClick="window.open('./comment.php?aid=1','comment','width=500,height=400')">comment on this artist</a></p></div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a 
href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/artists.php?artist=2 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 308 bytes. |
GET http://testphp.vulnweb.com/artists.php?artist=2 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6193 |
| Response Body - size: 6,193 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>artists</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>artist: Blad3</h2><div class='story'><p><p> Lorem ipsum dolor sit amet, 
consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. </p> <p> Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. 
</p></p><p><a href='listproducts.php?artist=2'>view pictures of the artist</a></p><p><a href='#' onClick="window.open('./comment.php?aid=2','comment','width=500,height=400')">comment on this artist</a></p></div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a 
href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/artists.php?artist=3 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 308 bytes. |
GET http://testphp.vulnweb.com/artists.php?artist=3 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6193 |
| Response Body - size: 6,193 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>artists</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>artist: lyzae</h2><div class='story'><p><p> Lorem ipsum dolor sit amet, 
consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. </p> <p> Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. 
</p></p><p><a href='listproducts.php?artist=3'>view pictures of the artist</a></p><p><a href='#' onClick="window.open('./comment.php?aid=3','comment','width=500,height=400')">comment on this artist</a></p></div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a 
href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/cart.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 284 bytes. |
GET http://testphp.vulnweb.com/cart.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4903 |
| Response Body - size: 4,903 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>you cart</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Error</h2> <div class='story'> <p>You are not logged on. 
To log on please visit our <a href='login.php'>login page</a></p> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div 
style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/categories.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 290 bytes. |
GET http://testphp.vulnweb.com/categories.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6115 |
| Response Body - size: 6,115 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture categories</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id="pageName">categories</h2> <div class='story'><a 
href='listproducts.php?cat=1'><h3>Posters</h3></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenati</div><div class='story'><a href='listproducts.php?cat=2'><h3>Paintings</h3></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenati</div><div class='story'><a href='listproducts.php?cat=3'><h3>Stickers</h3></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenati</div><div class='story'><a href='listproducts.php?cat=4'><h3>Graffity</h3></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. 
Cras venenati</div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p 
style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/disclaimer.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 290 bytes. |
GET http://testphp.vulnweb.com/disclaimer.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5524 |
| Response Body - size: 5,524 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>disclaimer</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id="pageName">Disclaimer</h2> <div class="story"> <h6>Please read carefully</h6> <p>This 
website is created to demonstrate the abilities of Acunetix new product <strong>WEB Vulnerability Scanner</strong>.</p> It is not intended to be a real online shop. Also this website was constructed with common web programming errors so it is buggy. <p>Please do not post any confidential information on this site. Do not give any creditcard number or real address, nor e-mail or website addresses.</p> <p>Information you post on this site are by no means private nor protected!</p> <p>All images on this site were generated with fre software <a href="http://www.eclectasy.com/Fractal-Explorer/index.html" target="_blank"> <strong>Fractal Explorer</strong></a>.</p> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> 
<param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
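Every instance in this alert group is the same sidebar form, `<form action="search.php?test=query" method="post">` with the inputs `searchFor` and `goButton` and no hidden token field, which is what the passive check keys on. The Python script below is an added example, not part of the scan report or of the target application: it reproduces that check by parsing a response body, collecting each form's inputs and reporting forms that carry no hidden field whose name matches a list of common anti-CSRF token names. The name list is this example's own assumption, not the scanner's configuration. The captured form is copied from the response bodies above; the hardened variant with a `csrf_token` field is constructed for comparison.

```python
from html.parser import HTMLParser

# Hidden-field names commonly used for anti-CSRF tokens. This list is an
# assumption made for the example; it is not the scanner's own configuration.
CSRF_TOKEN_NAMES = {
    "csrf", "csrf_token", "_csrf", "_csrf_token", "_token", "csrftoken",
    "anticsrf", "csrfmiddlewaretoken", "authenticity_token",
    "__requestverificationtoken", "owasp_csrftoken", "__csrf_magic", "xsrf_token",
}


class FormCollector(HTMLParser):
    """Collect every <form> in a document together with its <input> fields."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self._current = {
                "action": a.get("action", ""),
                "method": a.get("method", "get").lower(),
                "inputs": [],
            }
        elif tag == "input" and self._current is not None:
            self._current["inputs"].append(
                {"name": a.get("name", ""), "type": a.get("type", "text").lower()}
            )

    def handle_endtag(self, tag):
        if tag == "form" and self._current is not None:
            self.forms.append(self._current)
            self._current = None


def has_csrf_token(form):
    """True if the form carries a hidden input whose name looks like a CSRF token."""
    return any(
        i["type"] == "hidden" and i["name"].lower() in CSRF_TOKEN_NAMES
        for i in form["inputs"]
    )


def forms_without_csrf_token(html):
    """Return the forms in `html` that have no recognisable anti-CSRF token."""
    parser = FormCollector()
    parser.feed(html)
    parser.close()
    return [f for f in parser.forms if not has_csrf_token(f)]


# The sidebar search form exactly as it appears in the captured response bodies.
CAPTURED_FORM = (
    '<form action="search.php?test=query" method="post"> <label>search art</label> '
    '<input name="searchFor" type="text" size="10"> '
    '<input name="goButton" type="submit" value="go"> </form>'
)

# Constructed for comparison: the same form carrying a hidden per-session token.
HARDENED_FORM = (
    '<form action="search.php?test=query" method="post"> <label>search art</label> '
    '<input type="hidden" name="csrf_token" value="EXAMPLE-TOKEN-VALUE"> '
    '<input name="searchFor" type="text" size="10"> '
    '<input name="goButton" type="submit" value="go"> </form>'
)


if __name__ == "__main__":
    for label, html in (("captured", CAPTURED_FORM), ("hardened", HARDENED_FORM)):
        flagged = forms_without_csrf_token(html)
        for f in flagged:
            names = ", ".join(i["name"] for i in f["inputs"])
            print(f"{label}: no anti-CSRF token in form action={f['action']!r} "
                  f"method={f['method']} inputs=[{names}]")
        if not flagged:
            print(f"{label}: all forms carry a token")
```

Feed it any saved response body to get the same list the report shows. The check is structural: a form is reported when it has no token, regardless of what its action does, so triage still has to decide whether the target changes server state. A search that only reads has nothing for a forger to gain; the same gap on a form that updates a profile or a cart would.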
| URL | http://testphp.vulnweb.com/guestbook.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 289 bytes. |
GET http://testphp.vulnweb.com/guestbook.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5390 |
| Response Body - size: 5,390 bytes. |
| URL | http://testphp.vulnweb.com/high |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 280 bytes. |
GET http://testphp.vulnweb.com/high HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 259 bytes. |
HTTP/1.1 404 Not Found
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html
Content-Length: 555
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: 1.1 localhost (squid/5.8)
Connection: keep-alive |
| Response Body - size: 555 bytes. |
<html>
<head><title>404 Not Found</title></head> <body> <center><h1>404 Not Found</h1></center> <hr><center>nginx/1.19.0</center> </body> </html> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> |
| URL | http://testphp.vulnweb.com/hpp/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 280 bytes. |
GET http://testphp.vulnweb.com/hpp/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 203 |
| Response Body - size: 203 bytes. |
<title>HTTP Parameter Pollution Example</title>
<a href="?pp=12">check</a><br/> <hr> <a href='http://blog.mindedsecurity.com/2009/05/client-side-http-parameter-pollution.html'>Original article</a> |
| URL | http://testphp.vulnweb.com/hpp/?pp=12 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 291 bytes. |
GET http://testphp.vulnweb.com/hpp/?pp=12 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/hpp/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 383 |
| Response Body - size: 383 bytes. |
<title>HTTP Parameter Pollution Example</title>
<a href="?pp=12">check</a><br/> <a href="params.php?p=valid&pp=12">link1</a><br/><a href="params.php?p=valid&pp=12">link2</a><br/><form action="params.php?p=valid&pp=12"><input type=submit name=aaaa/></form><br/> <hr> <a href='http://blog.mindedsecurity.com/2009/05/client-side-http-parameter-pollution.html'>Original article</a> |
| URL | http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=12 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 315 bytes. |
GET http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=12 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/hpp/?pp=12 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 404 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 7 |
| Response Body - size: 7 bytes. |
valid12
|
| URL | http://testphp.vulnweb.com/index.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 285 bytes. |
GET http://testphp.vulnweb.com/index.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4958 |
| Response Body - size: 4,958 bytes. |
| URL | http://testphp.vulnweb.com/listproducts.php?artist=1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 322 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?artist=1 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php?artist=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 7994 |
| Response Body - size: 7,994 bytes. |
| URL | http://testphp.vulnweb.com/listproducts.php?artist=2 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 322 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?artist=2 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php?artist=2 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5193 |
| Response Body - size: 5,193 bytes. |
| URL | http://testphp.vulnweb.com/listproducts.php?artist=3 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 322 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?artist=3 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php?artist=3 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4699 |
| Response Body - size: 4,699 bytes. |
|
| URL | http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 313 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?cat=1 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/categories.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 7880 |
| Response Body - size: 7,880 bytes. |
|
| URL | http://testphp.vulnweb.com/listproducts.php?cat=2 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 313 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?cat=2 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/categories.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5311 |
| Response Body - size: 5,311 bytes. |
|
| URL | http://testphp.vulnweb.com/listproducts.php?cat=3 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 313 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?cat=3 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/categories.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4699 |
| Response Body - size: 4,699 bytes. |
|
| URL | http://testphp.vulnweb.com/listproducts.php?cat=4 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 313 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?cat=4 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/categories.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4699 |
| Response Body - size: 4,699 bytes. |
|
| URL | http://testphp.vulnweb.com/login.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 285 bytes. |
GET http://testphp.vulnweb.com/login.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5523 |
| Response Body - size: 5,523 bytes. |
value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 293 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 975 |
| Response Body - size: 975 bytes. |
<html>
<div id="content"> <div class='product'><table><tr><td width='180px'><img src='images/1.jpg'></td><td width='400px'><a href='Details/network-attached-storage-dlink/1/'>Network Storage D-Link DNS-313 enclosure 1 x SATA</a></td><td width='50px' bgcolor='#F8F8F8'><a href='Details/network-attached-storage-dlink/1/'>Price<br>359 €</a></td></table></tr></div><div class='product'><table><tr><td width='180px'><img src='images/2.jpg'></td><td width='400px'><a href='Details/web-camera-a4tech/2/'>Web Camera A4Tech PK-335E</a></td><td width='50px' bgcolor='#F8F8F8'><a href='Details/web-camera-a4tech/2/'>Price<br>10 €</a></td></table></tr></div><div class='product'><table><tr><td width='180px'><img src='images/3.jpg'></td><td width='400px'><a href='Details/color-printer/3/'>Laser Color Printer HP LaserJet M551dn, A4</a></td><td width='50px' bgcolor='#F8F8F8'><a href='Details/color-printer/3/'>Price<br>812 €</a></td></table></tr></div></div> </html> |
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-1/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 365 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-1/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 100 |
| Response Body - size: 100 bytes. |
<div>Thanks for buying <b> Network Storage D-Link DNS-313 enclosure 1 x SATA</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-2/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 352 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-2/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech/2/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 405 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 76 |
| Response Body - size: 76 bytes. |
<div>Thanks for buying <b> Web Camera A4Tech PK-335E</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-3/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 348 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-3/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer/3/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 405 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 93 |
| Response Body - size: 93 bytes. |
<div>Thanks for buying <b> Laser Color Printer HP LaserJet M551dn, A4</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer/3/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 335 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer/3/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 313 |
| Response Body - size: 313 bytes. |
<div><img src='/Mod_Rewrite_Shop/images/3.jpg'><b>Laser Color Printer HP LaserJet M551dn, A4</b><br><br>Laser Color Printer HP LaserJet M551dn, A4<br><a href='/Mod_Rewrite_Shop/BuyProduct-3/'>Buy</a> <a href='/Mod_Rewrite_Shop/RateProduct-3.html'>Rate</a></div><hr><a href='/Mod_Rewrite_Shop/'>Back</a>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 352 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 319 |
| Response Body - size: 319 bytes. |
<div><img src='/Mod_Rewrite_Shop/images/1.jpg'><b>Network Storage D-Link DNS-313 enclosure 1 x SATA</b><br><br>NET STORAGE ENCLOSURE SATA DNS-313 D-LINK<br><a href='/Mod_Rewrite_Shop/BuyProduct-1/'>Buy</a> <a href='/Mod_Rewrite_Shop/RateProduct-1.html'>Rate</a></div><hr><a href='/Mod_Rewrite_Shop/'>Back</a>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech/2/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 339 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech/2/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 279 |
| Response Body - size: 279 bytes. |
<div><img src='/Mod_Rewrite_Shop/images/2.jpg'><b>Web Camera A4Tech PK-335E</b><br><br>Web Camera A4Tech PK-335E<br><a href='/Mod_Rewrite_Shop/BuyProduct-2/'>Buy</a> <a href='/Mod_Rewrite_Shop/RateProduct-2.html'>Rate</a></div><hr><a href='/Mod_Rewrite_Shop/'>Back</a>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-1.html |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 370 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-1.html HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 100 |
| Response Body - size: 100 bytes. |
<div>Thanks for rating <b> Network Storage D-Link DNS-313 enclosure 1 x SATA</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-2.html |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 357 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-2.html HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech/2/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 405 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 76 |
| Response Body - size: 76 bytes. |
<div>Thanks for rating <b> Web Camera A4Tech PK-335E</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-3.html |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 353 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-3.html HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer/3/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 405 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 93 |
| Response Body - size: 93 bytes. |
<div>Thanks for rating <b> Laser Color Printer HP LaserJet M551dn, A4</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/privacy.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 287 bytes. |
GET http://testphp.vulnweb.com/privacy.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 412 bytes. |
HTTP/1.1 404 Not Found
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 16 |
| Response Body - size: 16 bytes. |
File not found.
|
| URL | http://testphp.vulnweb.com/product.php?pic=1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=1 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6428 |
| Response Body - size: 6,428 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>The shore</h2><div class='story'><p><a href='showimage.php?file=./pictures/1.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/1.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu.</p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $500</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='500'><input type='hidden' name='addcart' value='1'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> 
<div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
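The instances above are all HTML forms that post without any hidden token field: `loginform` (POST to userinfo.php), the site search form (POST to search.php?test=query) and the per-product `f_addcart` form (POST to cart.php with hidden `price` and `addcart` fields). The following is an added example of the passive check behind this kind of finding, written for this page and not code from the ZAP report or from the Acunetix test application. It parses every `<form>` in a response body and reports those with no hidden input whose name looks like a CSRF token. The list of token-like names is an assumption for the example (real scanners make it configurable); the sample HTML is the three forms copied from the evidence on this page plus one hypothetical `hardened_addcart` form, constructed here with a made-up token value, so the check has a passing case to compare against.

```python
"""Passive check for HTML forms that carry no anti-CSRF token (added example)."""
import re
from html.parser import HTMLParser

# Hidden-field names that usually carry a synchronizer token. This list is an
# assumption for the example, not a standard; extend it for the framework under test.
TOKEN_NAME_PATTERN = re.compile(
    r"(csrf|xsrf|_token|authenticity_token|__requestverificationtoken|nonce)",
    re.IGNORECASE,
)


class FormCollector(HTMLParser):
    """Collects each <form> with its attributes and the <input> elements inside it."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)  # HTMLParser lower-cases tag and attribute names
        if tag == "form":
            self._current = {
                "name": attrs.get("name") or "",
                "action": attrs.get("action") or "",
                "method": (attrs.get("method") or "get").lower(),
                "inputs": [],
            }
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            self._current["inputs"].append({
                "name": attrs.get("name") or "",
                "type": (attrs.get("type") or "text").lower(),
            })

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def has_token(form):
    """True if the form contains a hidden input whose name matches a token-like name."""
    return any(
        i["type"] == "hidden" and TOKEN_NAME_PATTERN.search(i["name"])
        for i in form["inputs"]
    )


def forms_without_token(html):
    """Return (name, method, action) for every form in `html` that has no token field.

    Every form is reported, with its method, so the caller can prioritise the
    POST forms that change state over idempotent GET forms.
    """
    parser = FormCollector()
    parser.feed(html)
    return [(f["name"], f["method"], f["action"]) for f in parser.forms if not has_token(f)]


# Sample input: the three forms seen in this report's evidence, plus one
# hypothetical hardened form whose token value is constructed for the example.
SAMPLE_HTML = """
<form name='f_addcart' method='POST' action='cart.php'>
<input type='hidden' name='price' value='500'>
<input type='hidden' name='addcart' value='1'>
<input type='submit' value='add this picture to cart'></form>
<form name="loginform" method="post" action="userinfo.php">
<input name="uname" type="text" size="20">
<input name="pass" type="password" size="20">
<input type="submit" value="login"></form>
<form action="search.php?test=query" method="post">
<input name="searchFor" type="text" size="10">
<input name="goButton" type="submit" value="go"></form>
<form name="hardened_addcart" method="post" action="cart.php">
<input type="hidden" name="csrf_token" value="constructed-example-token">
<input type="hidden" name="addcart" value="1">
<input type="submit" value="add"></form>
"""

if __name__ == "__main__":
    for name, method, action in forms_without_token(SAMPLE_HTML):
        print(f"no anti-CSRF token: form={name or '(unnamed)'} method={method} action={action}")
```

Run as-is, the check reports `f_addcart`, `loginform` and the unnamed search form and passes `hardened_addcart`. Two caveats apply to any check of this shape. A name match only proves a field exists; whether the value is unpredictable, bound to the session and verified server-side with a constant-time comparison has to be confirmed by submitting a request with the token altered. And the check sees only forms: the `/Mod_Rewrite_Shop/BuyProduct-N/` and `RateProduct-N.html` instances earlier in this section answered a plain GET with no body with "Thanks for buying" or "Thanks for rating", and a form token cannot protect an action reachable by a bare link; those endpoints need to require POST (or a SameSite cookie or Sec-Fetch-Site check) before a token adds anything.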
| URL | http://testphp.vulnweb.com/product.php?pic=2 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=2 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6368 |
| Response Body - size: 6,368 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Mistery</h2><div class='story'><p><a href='showimage.php?file=./pictures/2.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/2.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Donec molestie. Sed aliquam sem ut arcu.</p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $800</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='800'><input type='hidden' name='addcart' value='2'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> 
<div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=3 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=3 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6401 |
| Response Body - size: 6,401 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>The universe</h2><div class='story'><p><a href='showimage.php?file=./pictures/3.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/3.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet. Donec molestie. Sed aliquam sem ut arcu.</p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $986</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='986'><input type='hidden' name='addcart' value='3'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> 
<div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=4 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=4 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6453 |
| Response Body - size: 6,453 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Walking</h2><div class='story'><p><a href='showimage.php?file=./pictures/4.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/4.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. </p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $1000</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='1000'><input type='hidden' name='addcart' value='4'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar 
--> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=5 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=5 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6382 |
| Response Body - size: 6,382 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Mean</h2><div class='story'><p><a href='showimage.php?file=./pictures/5.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/5.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit.</p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $460</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='460'><input type='hidden' name='addcart' value='5'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> 
<div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=6 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=6 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=2 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6454 |
| Response Body - size: 6,454 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Thing</h2><div class='story'><p><a href='showimage.php?file=./pictures/6.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/6.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. </p><h3>Long description</h3><p><p> This picture is an 99 cm x 200 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $10000</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='10000'><input type='hidden' name='addcart' value='6'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar 
--> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=7 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=7 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5734 |
| Response Body - size: 5,734 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Trees</h2><div class='story'><p><a href='showimage.php?file=./pictures/7.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/7.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>bla bla bla</p><h3>Long description</h3><p>bla bla bla long</p><p>painted by: <a href='artists.php?artist=2'>Blad3</a></p><p>the price of this item is: $15000</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='15000'><input type='hidden' name='addcart' value='7'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a 
href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/robots.txt |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 249 bytes. |
GET http://testphp.vulnweb.com/robots.txt HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 259 bytes. |
HTTP/1.1 404 Not Found
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html
Content-Length: 555
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: 1.1 localhost (squid/5.8)
Connection: keep-alive |
| Response Body - size: 555 bytes. |
<html>
<head><title>404 Not Found</title></head> <body> <center><h1>404 Not Found</h1></center> <hr><center>nginx/1.19.0</center> </body> </html> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> |
| URL | http://testphp.vulnweb.com/signup.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 296 bytes. |
GET http://testphp.vulnweb.com/signup.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/login.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6033 |
| Response Body - size: 6,033 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>signup</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <div class="story"> <h2 id="pageName">Signup new user</h2> <h4>Please do not enter real information here.</h4> <h4>If you press the 
submit button you will be transferred to asecured connection.</h4> <form name="form1" method="post" action="/secured/newuser.php"> <table border="0" cellspacing="1" cellpadding="4"> <tr><td valign="top">Username:</td><td><input type="text" name="uuname" style="width:200px"></td></tr> <tr><td valign="top">Password:</td><td><input type="password" name="upass" style="width:200px"></td></tr> <tr><td valign="top">Retype password:</td><td><input type="password" name="upass2" style="width:200px"></td></tr> <tr><td valign="top">Name:</td><td><input type="text" name="urname" style="width:200px"></td></tr> <tr><td valign="top">Credit card number:</td><td><input type="text" name="ucc" style="width:200px"></td></tr> <tr><td valign="top">E-Mail:</td><td><input type="text" name="uemail" style="width:200px"></td></tr> <tr><td valign="top">Phone number:</td><td><input type="text" name="uphone" style="width:200px"></td></tr> <tr><td valign="top">Address:</td><td><textarea wrap="soft" name="uaddress" rows="5" style="width:200px"></textarea></td></tr> <tr><td colspan="2" align="right"><input type="submit" value="signup" name="signup"></td></tr> </table> </form> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a 
href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/sitemap.xml |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 250 bytes. |
GET http://testphp.vulnweb.com/sitemap.xml HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 259 bytes. |
HTTP/1.1 404 Not Found
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html
Content-Length: 555
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: 1.1 localhost (squid/5.8)
Connection: keep-alive |
| Response Body - size: 555 bytes. |
<html>
<head><title>404 Not Found</title></head> <body> <center><h1>404 Not Found</h1></center> <hr><center>nginx/1.19.0</center> </body> </html> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> |
| URL | http://testphp.vulnweb.com/cart.php |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 372 bytes. |
POST http://testphp.vulnweb.com/cart.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
content-type: application/x-www-form-urlencoded
referer: http://testphp.vulnweb.com/product.php?pic=1
content-length: 19 |
| Request Body - size: 19 bytes. |
price=500&addcart=1
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4903 |
| Response Body - size: 4,903 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>you cart</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Error</h2> <div class='story'> <p>You are not logged on. 
To log on please visit our <a href='login.php'>login page</a></p> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div 
style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/guestbook.php |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 373 bytes. |
POST http://testphp.vulnweb.com/guestbook.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
content-type: application/x-www-form-urlencoded
referer: http://testphp.vulnweb.com/guestbook.php
content-length: 33 |
| Request Body - size: 33 bytes. |
name=ZAP&text=&submit=add+message
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5393 |
| Response Body - size: 5,393 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>guestbook</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <div class="story"> <table width="100%" cellpadding="4" cellspacing="1"><tr><td colspan="2"><h2>Our 
guestbook</h2></td></tr><tr><td align="left" valign="middle" style="background-color:#F5F5F5"><strong>ZAP</strong></td><td align="right" style="background-color:#F5F5F5">04.01.2025, 5:52 am</td></tr><tr><td colspan="2"><img src="/images/remark.gif"> </td></tr></table> </div> <div class="story"> <form action="" method="post" name="faddentry"> <input type="hidden" name="name" value="anonymous user"> <textarea name="text" rows="5" wrap="VIRTUAL" style="width:500px;"></textarea> <br> <input type="submit" name="submit" value="add message"> </form> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high 
pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/search.php?test=query |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 367 bytes. |
POST http://testphp.vulnweb.com/search.php?test=query HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
content-type: application/x-www-form-urlencoded
referer: http://testphp.vulnweb.com
content-length: 25 |
| Request Body - size: 25 bytes. |
searchFor=ZAP&goButton=go
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4772 |
| Response Body - size: 4,772 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>search</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>searched for: ZAP</h2></div> <!-- InstanceEndEditable --> <!--end content --> 
<div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. 
This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/secured/newuser.php |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Request Header - size: 376 bytes. |
POST http://testphp.vulnweb.com/secured/newuser.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
content-type: application/x-www-form-urlencoded
referer: http://testphp.vulnweb.com/signup.php
content-length: 96 |
| Request Body - size: 96 bytes. |
uuname=ZAP&upass=ZAP&upass2=ZAP&urname=ZAP&ucc=ZAP&uemail=ZAP&uphone=ZAP&uaddress=&signup=signup
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 733 |
| Response Body - size: 733 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html> <head> <title>add new user</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <link href="style.css" rel="stylesheet" type="text/css"> </head> <body> <div id="masthead"> <h1 id="siteName">ACUNETIX ART</h1> </div> <div id="content"> <p>You have been introduced to our database with the above informations:</p><ul><li>Username: ZAP</li><li>Password: ZAP</li><li>Name: ZAP</li><li>Address: </li><li>E-Mail: ZAP</li><li>Phone number: ZAP</li><li>Credit card: ZAP</li></ul><p>Now you can login from <a href='http://testphp.vulnweb.com/login.php'>here.</p></div> </body> </html> |
| Instances | 48 |
| Solution |
Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.
|
| Reference |
https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy
https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html
https://www.w3.org/TR/CSP/
https://w3c.github.io/webappsec-csp/
https://web.dev/articles/csp
https://caniuse.com/#feat=contentsecuritypolicy
https://content-security-policy.com/ |
| Tags |
CWE-693
OWASP_2021_A05
OWASP_2017_A06 |
| CWE Id | 693 |
| WASC Id | 15 |
| Plugin Id | 10038 |
|
| Medium | Missing Anti-clickjacking Header |
|---|---|
| Description |
The response does not protect against 'ClickJacking' attacks. It should include either Content-Security-Policy with 'frame-ancestors' directive or X-Frame-Options.
|
| URL | http://testphp.vulnweb.com |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 238 bytes. |
GET http://testphp.vulnweb.com HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:51:59 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4958 |
| Response Body - size: 4,958 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>Home of Acunetix Art</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id="pageName">welcome to our page</h2> <div class="story"> <h3>Test site for 
Acunetix WVS.</h3> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | <a href="/Mod_Rewrite_Shop/">Shop</a> | <a href="/hpp/">HTTP Parameter Pollution</a> | ©2019 Acunetix Ltd </div> <br> <div 
style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/AJAX/index.php |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 290 bytes. |
GET http://testphp.vulnweb.com/AJAX/index.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4236 |
| Response Body - size: 4,236 bytes. |
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>ajax test</title> <link href="styles.css" rel="stylesheet" type="text/css" /> <script type="text/javascript"> var httpreq = null; function SetContent(XML) { var items = XML.getElementsByTagName('items').item(0).getElementsByTagName('item'); var inner = '<ul>'; for(i=0; i<items.length; i++){ inner = inner + '<li><a href="javascript:getInfo(\'' + items[i].attributes.item(0).value + '\', \'' + items[i].attributes.item(1).value + '\')">' + items[i].firstChild.nodeValue + '</a></li>'; } inner = inner + '</ul>' cd = document.getElementById('contentDiv'); cd.innerHTML = inner; id = document.getElementById('infoDiv'); id.innerHTML = ''; } function httpCompleted() { if (httpreq.readyState==4 && httpreq.status==200) { SetContent(httpreq.responseXML); httpreq = null; } } function SetInfo(XML) { var ii = XML.getElementsByTagName('iteminfo').item(0); var inner = ''; inner = inner + '<p><strong>' + ii.getElementsByTagName('name').item(0).firstChild.nodeValue + '</strong></p>'; pict = ii.getElementsByTagName('picture'); if(pict.length>0){ inner = inner + '<img src="../showimage.php?file=' + pict.item(0).firstChild.nodeValue + '"/>'; } descs = ii.getElementsByTagName('description'); for (i=0; i<descs.length; i++){ inner = inner + '<p>' + descs.item(i).firstChild.nodeValue + '</p>'; } id = document.getElementById('infoDiv'); id.innerHTML = inner; } function httpInfoCompleted() { if (httpreq.readyState==4 && httpreq.status==200) { SetInfo(httpreq.responseXML); httpreq = null; } } function loadSomething(what) { getHttpRequest(); httpreq.open('GET', what, true); httpreq.send(''); } function getInfo(where, which) { getHttpRequest(); httpreq.onreadystatechange = httpInfoCompleted; if (where=='infotitle'){ httpreq.open('POST', where+'.php', true); httpreq.setRequestHeader('content-type', 'application/x-www-form-urlencoded'); httpreq.send('id='+which); } 
else { httpreq.open('GET', where+'.php?id='+which, true); httpreq.send(''); } } function xmlCompleted () { if (httpreq.readyState==4 && httpreq.status==200) { xd = document.getElementById('xmlDiv'); xd.innerHTML = httpreq.responseText; httpreq = null; } } function sendXML () { getHttpRequest(); httpreq.onreadystatechange = xmlCompleted; httpreq.open('POST', 'showxml.php'); httpreq.setRequestHeader('content-type', 'text/xml'); httpreq.send('<xml><node name="nodename1">nodetext1</node><node name="nodename2">nodetext2</node></xml>'); } function getHttpRequest() { // free the curent one if (httpreq!=null){ httpreq.abort(); httpreq = null; } if( window.XMLHttpRequest ) { httpreq = new XMLHttpRequest(); if (httpreq.overrideMimeType) { httpreq.overrideMimeType('text/xml'); } } else if(ActiveXObject) { httpreq = new ActiveXObject("Msxml2.XMLHTTP"); } httpreq.onreadystatechange = httpCompleted; } function SetMyCookie() { document.cookie = "mycookie=3"; alert('A cookie was set by JavaScript.'); } </script> </head> <body> <table border="0" cellpadding="3" width="500" align="center"> <tr> <td class="bordered"> <a href="javascript:loadSomething('artists.php');">artists</a> | <a href="javascript:loadSomething('categories.php');">categories</a> | <a href="#" onclick="loadSomething('titles.php')">titles</a> | <a href="#" onclick="sendXML()">send xml</a> | <a href="#" onclick="SetMyCookie()">setcookie</a> </td> </tr> <tr> <td> <div id="contentDiv"> </div> </td> </tr> <tr> <td> <div id="infoDiv"> </div> </td> </tr> <tr> <td> <div id="xmlDiv"> </div> </td> </tr> </table> </body> </html> |
| URL | http://testphp.vulnweb.com/artists.php |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 287 bytes. |
GET http://testphp.vulnweb.com/artists.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5328 |
| Response Body - size: 5,328 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>artists</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <div class='story'><a href='artists.php?artist=1'><h3>r4w8173</h3></a><p><a href='#' 
onClick="window.open('./comment.php?aid=1','comment','width=500,height=400')">comment on this artist</a></p></div><div class='story'><a href='artists.php?artist=2'><h3>Blad3</h3></a><p><a href='#' onClick="window.open('./comment.php?aid=2','comment','width=500,height=400')">comment on this artist</a></p></div><div class='story'><a href='artists.php?artist=3'><h3>lyzae</h3></a><p><a href='#' onClick="window.open('./comment.php?aid=3','comment','width=500,height=400')">comment on this artist</a></p></div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high 
pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/artists.php?artist=1 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 308 bytes. |
GET http://testphp.vulnweb.com/artists.php?artist=1 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6251 |
| Response Body - size: 6,251 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>artists</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>artist: r4w8173</h2><div class='story'><p><p> Lorem ipsum dolor sit amet, 
consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. </p> <p> Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. 
</p></p><p><a href='listproducts.php?artist=1'>view pictures of the artist</a></p><p><a href='#' onClick="window.open('./comment.php?aid=1','comment','width=500,height=400')">comment on this artist</a></p></div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a 
href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/artists.php?artist=2 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 308 bytes. |
GET http://testphp.vulnweb.com/artists.php?artist=2 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6193 |
| Response Body - size: 6,193 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>artists</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>artist: Blad3</h2><div class='story'><p><p> Lorem ipsum dolor sit amet, 
consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. </p> <p> Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. 
</p></p><p><a href='listproducts.php?artist=2'>view pictures of the artist</a></p><p><a href='#' onClick="window.open('./comment.php?aid=2','comment','width=500,height=400')">comment on this artist</a></p></div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a 
href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/artists.php?artist=3 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 308 bytes. |
GET http://testphp.vulnweb.com/artists.php?artist=3 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6193 |
| Response Body - size: 6,193 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>artists</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>artist: lyzae</h2><div class='story'><p><p> Lorem ipsum dolor sit amet, 
consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. </p> <p> Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. 
</p></p><p><a href='listproducts.php?artist=3'>view pictures of the artist</a></p><p><a href='#' onClick="window.open('./comment.php?aid=3','comment','width=500,height=400')">comment on this artist</a></p></div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a 
href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/cart.php |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 284 bytes. |
GET http://testphp.vulnweb.com/cart.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4903 |
| Response Body - size: 4,903 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>you cart</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Error</h2> <div class='story'> <p>You are not logged on. 
To log on please visit our <a href='login.php'>login page</a></p> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div 
style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/categories.php |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 290 bytes. |
GET http://testphp.vulnweb.com/categories.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6115 |
| Response Body - size: 6,115 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture categories</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id="pageName">categories</h2> <div class='story'><a 
href='listproducts.php?cat=1'><h3>Posters</h3></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenati</div><div class='story'><a href='listproducts.php?cat=2'><h3>Paintings</h3></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenati</div><div class='story'><a href='listproducts.php?cat=3'><h3>Stickers</h3></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenati</div><div class='story'><a href='listproducts.php?cat=4'><h3>Graffity</h3></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. 
Cras venenati</div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p 
style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/disclaimer.php |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 290 bytes. |
GET http://testphp.vulnweb.com/disclaimer.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5524 |
| Response Body - size: 5,524 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>disclaimer</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id="pageName">Disclaimer</h2> <div class="story"> <h6>Please read carefully</h6> <p>This 
website is created to demonstrate the abilities of Acunetix new product <strong>WEB Vulnerability Scanner</strong>.</p> It is not intended to be a real online shop. Also this website was constructed with common web programming errors so it is buggy. <p>Please do not post any confidential information on this site. Do not give any creditcard number or real address, nor e-mail or website addresses.</p> <p>Information you post on this site are by no means private nor protected!</p> <p>All images on this site were generated with fre software <a href="http://www.eclectasy.com/Fractal-Explorer/index.html" target="_blank"> <strong>Fractal Explorer</strong></a>.</p> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> 
<param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/guestbook.php |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 289 bytes. |
GET http://testphp.vulnweb.com/guestbook.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5390 |
| Response Body - size: 5,390 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>guestbook</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <div class="story"> <table width="100%" cellpadding="4" cellspacing="1"><tr><td colspan="2"><h2>Our 
guestbook</h2></td></tr><tr><td align="left" valign="middle" style="background-color:#F5F5F5"><strong></strong></td><td align="right" style="background-color:#F5F5F5">04.01.2025, 5:52 am</td></tr><tr><td colspan="2"><img src="/images/remark.gif"> </td></tr></table> </div> <div class="story"> <form action="" method="post" name="faddentry"> <input type="hidden" name="name" value="anonymous user"> <textarea name="text" rows="5" wrap="VIRTUAL" style="width:500px;"></textarea> <br> <input type="submit" name="submit" value="add message"> </form> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high 
pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/hpp/ |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 280 bytes. |
GET http://testphp.vulnweb.com/hpp/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 203 |
| Response Body - size: 203 bytes. |
<title>HTTP Parameter Pollution Example</title>
<a href="?pp=12">check</a><br/> <hr> <a href='http://blog.mindedsecurity.com/2009/05/client-side-http-parameter-pollution.html'>Original article</a> |
| URL | http://testphp.vulnweb.com/hpp/?pp=12 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 291 bytes. |
GET http://testphp.vulnweb.com/hpp/?pp=12 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/hpp/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 383 |
| Response Body - size: 383 bytes. |
<title>HTTP Parameter Pollution Example</title>
<a href="?pp=12">check</a><br/> <a href="params.php?p=valid&pp=12">link1</a><br/><a href="params.php?p=valid&pp=12">link2</a><br/><form action="params.php?p=valid&pp=12"><input type=submit name=aaaa/></form><br/> <hr> <a href='http://blog.mindedsecurity.com/2009/05/client-side-http-parameter-pollution.html'>Original article</a> |
| URL | http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=12 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 315 bytes. |
GET http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=12 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/hpp/?pp=12 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 404 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 7 |
| Response Body - size: 7 bytes. |
valid12
|
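Every instance recorded under this alert carries the same response-header block: a `Server` and `X-Powered-By` header, but neither `X-Frame-Options` nor a `Content-Security-Policy` with a `frame-ancestors` directive, so any origin may frame the page. The following Python script is an added example, not part of the ZAP report or of the testphp.vulnweb.com application: it parses raw response-header blocks like the ones recorded here and classifies each as `missing`, `weak` or `protected`. The `UNPROTECTED` sample is constructed from the headers shown above (proxy headers omitted); the hardened and misconfigured variants are hypothetical, added so the check also covers the edge cases a scanner has to get right: CSP `frame-ancestors` taking precedence over `X-Frame-Options`, a CSP with no `frame-ancestors` at all, the obsolete `ALLOW-FROM` value, and `frame-ancestors *`.

```python
"""Anti-clickjacking header check over captured HTTP response headers.

Added example, not part of the ZAP report or of the scanned application.
UNPROTECTED is constructed from the response-header block the report records
for cart.php, categories.php and the other instances (nginx/1.19.0, PHP/5.6.40);
the other samples are hypothetical variants for comparison.
"""

UNPROTECTED = """HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
Connection: keep-alive
content-length: 4903
"""

# Hypothetical hardened / misconfigured variants (assumed, not observed on the target).
XFO_DENY = UNPROTECTED + "X-Frame-Options: DENY\n"
XFO_ALLOW_FROM = UNPROTECTED + "X-Frame-Options: ALLOW-FROM https://example.com\n"
CSP_FRAME_ANCESTORS = UNPROTECTED + "Content-Security-Policy: default-src 'self'; frame-ancestors 'self'\n"
CSP_WITHOUT_FRAME_ANCESTORS = UNPROTECTED + "Content-Security-Policy: default-src 'self'\n"
CSP_WILDCARD = UNPROTECTED + "Content-Security-Policy: frame-ancestors *\n"


def parse_headers(raw: str) -> dict[str, list[str]]:
    """Parse a status line plus header block into {lower-cased name: [values]}.

    Header names are case-insensitive (the report shows both 'Content-Type'
    and 'content-length'), and a header may legitimately repeat, so every
    value is kept rather than only the last one.
    """
    headers: dict[str, list[str]] = {}
    for line in raw.splitlines()[1:]:  # element 0 is the status line
        if not line.strip():           # a blank line terminates the header block
            break
        name, sep, value = line.partition(":")
        if not sep:
            continue                   # not a "Name: value" line; skip it
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers


def clickjacking_status(raw: str) -> str:
    """Return 'protected', 'weak' or 'missing' for one captured response.

    A CSP frame-ancestors directive takes precedence over X-Frame-Options in
    browsers that support it, so it is evaluated first; 'frame-ancestors *'
    explicitly allows any framer. X-Frame-Options only protects with DENY or
    SAMEORIGIN; ALLOW-FROM is obsolete and ignored by current browsers.
    """
    headers = parse_headers(raw)
    for policy in headers.get("content-security-policy", []):
        for directive in policy.split(";"):
            tokens = directive.split()
            if tokens and tokens[0].lower() == "frame-ancestors":
                return "weak" if "*" in tokens[1:] else "protected"
    values = [v.strip().upper() for v in headers.get("x-frame-options", [])]
    if not values:
        return "missing"
    if all(v in ("DENY", "SAMEORIGIN") for v in values):
        return "protected"
    return "weak"


def report(instances: dict[str, str]) -> dict[str, str]:
    """Map each URL to its status; the 'missing' entries are what ZAP alerts on."""
    return {url: clickjacking_status(raw) for url, raw in instances.items()}


if __name__ == "__main__":
    sample = {
        "http://testphp.vulnweb.com/cart.php": UNPROTECTED,
        "http://testphp.vulnweb.com/categories.php": UNPROTECTED,
        "hypothetical: X-Frame-Options DENY": XFO_DENY,
        "hypothetical: CSP frame-ancestors 'self'": CSP_FRAME_ANCESTORS,
        "hypothetical: X-Frame-Options ALLOW-FROM": XFO_ALLOW_FROM,
    }
    for url, status in report(sample).items():
        print(f"{status:9s} {url}")
```

To reproduce the finding outside the scanner, `curl -sI http://testphp.vulnweb.com/cart.php | grep -i -e x-frame-options -e content-security-policy` should print nothing, matching the headers recorded above. On the nginx front end the report identifies, the conventional fix is `add_header Content-Security-Policy "frame-ancestors 'self'" always;` together with `add_header X-Frame-Options "SAMEORIGIN" always;` for browsers without CSP support, set at the `server` level; note that nginx does not inherit `add_header` into any `location` block that declares its own `add_header`, which is a common reason the header is present on some pages and absent on others.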
| URL | http://testphp.vulnweb.com/index.php |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 285 bytes. |
GET http://testphp.vulnweb.com/index.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4958 |
| Response Body - size: 4,958 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
| URL | http://testphp.vulnweb.com/listproducts.php?artist=1 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 322 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?artist=1 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php?artist=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 7994 |
| Response Body - size: 7,994 bytes. |
| URL | http://testphp.vulnweb.com/listproducts.php?artist=2 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 322 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?artist=2 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php?artist=2 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5193 |
| Response Body - size: 5,193 bytes. |
| URL | http://testphp.vulnweb.com/listproducts.php?artist=3 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 322 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?artist=3 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php?artist=3 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4699 |
| Response Body - size: 4,699 bytes. |
| URL | http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 313 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?cat=1 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/categories.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 7880 |
| Response Body - size: 7,880 bytes. |
| URL | http://testphp.vulnweb.com/listproducts.php?cat=2 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 313 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?cat=2 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/categories.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5311 |
| Response Body - size: 5,311 bytes. |
| URL | http://testphp.vulnweb.com/listproducts.php?cat=3 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 313 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?cat=3 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/categories.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4699 |
| Response Body - size: 4,699 bytes. |
|
| URL | http://testphp.vulnweb.com/listproducts.php?cat=4 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 313 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?cat=4 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/categories.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4699 |
| Response Body - size: 4,699 bytes. |
|
| URL | http://testphp.vulnweb.com/login.php |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 285 bytes. |
GET http://testphp.vulnweb.com/login.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5523 |
| Response Body - size: 5,523 bytes. |
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/ |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 293 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 975 |
| Response Body - size: 975 bytes. |
<html>
<div id="content"> <div class='product'><table><tr><td width='180px'><img src='images/1.jpg'></td><td width='400px'><a href='Details/network-attached-storage-dlink/1/'>Network Storage D-Link DNS-313 enclosure 1 x SATA</a></td><td width='50px' bgcolor='#F8F8F8'><a href='Details/network-attached-storage-dlink/1/'>Price<br>359 €</a></td></table></tr></div><div class='product'><table><tr><td width='180px'><img src='images/2.jpg'></td><td width='400px'><a href='Details/web-camera-a4tech/2/'>Web Camera A4Tech PK-335E</a></td><td width='50px' bgcolor='#F8F8F8'><a href='Details/web-camera-a4tech/2/'>Price<br>10 €</a></td></table></tr></div><div class='product'><table><tr><td width='180px'><img src='images/3.jpg'></td><td width='400px'><a href='Details/color-printer/3/'>Laser Color Printer HP LaserJet M551dn, A4</a></td><td width='50px' bgcolor='#F8F8F8'><a href='Details/color-printer/3/'>Price<br>812 €</a></td></table></tr></div></div> </html> |
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-1/ |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 365 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-1/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 100 |
| Response Body - size: 100 bytes. |
<div>Thanks for buying <b> Network Storage D-Link DNS-313 enclosure 1 x SATA</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-2/ |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 352 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-2/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech/2/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 405 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 76 |
| Response Body - size: 76 bytes. |
<div>Thanks for buying <b> Web Camera A4Tech PK-335E</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-3/ |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 348 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-3/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer/3/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 405 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 93 |
| Response Body - size: 93 bytes. |
<div>Thanks for buying <b> Laser Color Printer HP LaserJet M551dn, A4</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer/3/ |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 335 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer/3/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 313 |
| Response Body - size: 313 bytes. |
<div><img src='/Mod_Rewrite_Shop/images/3.jpg'><b>Laser Color Printer HP LaserJet M551dn, A4</b><br><br>Laser Color Printer HP LaserJet M551dn, A4<br><a href='/Mod_Rewrite_Shop/BuyProduct-3/'>Buy</a> <a href='/Mod_Rewrite_Shop/RateProduct-3.html'>Rate</a></div><hr><a href='/Mod_Rewrite_Shop/'>Back</a>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/ |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 352 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 319 |
| Response Body - size: 319 bytes. |
<div><img src='/Mod_Rewrite_Shop/images/1.jpg'><b>Network Storage D-Link DNS-313 enclosure 1 x SATA</b><br><br>NET STORAGE ENCLOSURE SATA DNS-313 D-LINK<br><a href='/Mod_Rewrite_Shop/BuyProduct-1/'>Buy</a> <a href='/Mod_Rewrite_Shop/RateProduct-1.html'>Rate</a></div><hr><a href='/Mod_Rewrite_Shop/'>Back</a>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech/2/ |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 339 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech/2/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 279 |
| Response Body - size: 279 bytes. |
<div><img src='/Mod_Rewrite_Shop/images/2.jpg'><b>Web Camera A4Tech PK-335E</b><br><br>Web Camera A4Tech PK-335E<br><a href='/Mod_Rewrite_Shop/BuyProduct-2/'>Buy</a> <a href='/Mod_Rewrite_Shop/RateProduct-2.html'>Rate</a></div><hr><a href='/Mod_Rewrite_Shop/'>Back</a>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-1.html |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 370 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-1.html HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 100 |
| Response Body - size: 100 bytes. |
<div>Thanks for rating <b> Network Storage D-Link DNS-313 enclosure 1 x SATA</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-2.html |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 357 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-2.html HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech/2/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 405 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 76 |
| Response Body - size: 76 bytes. |
<div>Thanks for rating <b> Web Camera A4Tech PK-335E</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-3.html |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 353 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-3.html HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer/3/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 405 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 93 |
| Response Body - size: 93 bytes. |
<div>Thanks for rating <b> Laser Color Printer HP LaserJet M551dn, A4</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/product.php?pic=1 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=1 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6428 |
| Response Body - size: 6,428 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>The shore</h2><div class='story'><p><a href='showimage.php?file=./pictures/1.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/1.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu.</p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $500</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='500'><input type='hidden' name='addcart' value='1'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> 
<div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
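Every response head captured in this section carries neither X-Frame-Options nor a Content-Security-Policy with frame-ancestors, which is exactly what the "Missing Anti-clickjacking Header" alert means; the same heads also explain the other four alerts in the summary (no CSP, no X-Content-Type-Options, and version strings in Server and X-Powered-By). The following Python is an added example, my own code and not part of the ZAP report or of the testphp.vulnweb.com application: it parses a captured response head and returns the alert names from the summary that apply. SAMPLE_RESPONSE is copied from the product.php?pic=1 evidence above; HARDENED_RESPONSE is a constructed, assumed target state that was not observed on the target. Treating ALLOW-FROM as "absent" is my simplification (ZAP reports non-standard X-Frame-Options values under separate alerts).

```python
"""Audit a captured HTTP response head for the hardening headers this report
flags.  Added example for the report; not ZAP code and not code from the
target application."""
import re
from typing import Dict, List, Optional

# Response head copied from the evidence for
# http://testphp.vulnweb.com/product.php?pic=1 above.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: nginx/1.19.0\r\n"
    "Date: Tue, 01 Apr 2025 05:52:01 GMT\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1\r\n"
    "X-Cache: MISS from localhost\r\n"
    "X-Cache-Lookup: MISS from localhost:3128\r\n"
    "Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), "
    "1.1 localhost (squid/5.8)\r\n"
    "Connection: keep-alive\r\n"
    "content-length: 6428\r\n"
)

# Constructed target state (assumed, not observed on testphp.vulnweb.com):
# version strings stripped, framing denied, CSP and nosniff set.
HARDENED_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: nginx\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "X-Frame-Options: DENY\r\n"
    "Content-Security-Policy: default-src 'self'; frame-ancestors 'none'\r\n"
    "X-Content-Type-Options: nosniff\r\n"
    "content-length: 6428\r\n"
)


def parse_headers(raw: str) -> Dict[str, List[str]]:
    """Parse a raw HTTP/1.1 response head into a multimap keyed by the
    lower-cased field name (field names are case-insensitive; note the
    report itself shows 'content-length' in lower case)."""
    headers: Dict[str, List[str]] = {}
    for line in raw.replace("\r\n", "\n").split("\n")[1:]:  # skip status line
        if not line.strip():
            break  # blank line ends the head
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers


def csp_directive(headers: Dict[str, List[str]], name: str) -> Optional[str]:
    """Return the value of one Content-Security-Policy directive, or None."""
    for policy in headers.get("content-security-policy", []):
        for directive in policy.split(";"):
            parts = directive.split()
            if parts and parts[0].lower() == name:
                return " ".join(parts[1:])
    return None


def audit(raw: str) -> List[str]:
    """Return the alert names from the report's summary that apply to this
    response head.  An empty list means none of them apply."""
    h = parse_headers(raw)
    findings: List[str] = []

    # Framing is controlled if X-Frame-Options is DENY/SAMEORIGIN or CSP
    # carries frame-ancestors (the modern replacement).  Any other XFO value
    # (e.g. ALLOW-FROM, unsupported by current browsers) is treated as absent.
    xfo = [v.strip().upper() for v in h.get("x-frame-options", [])]
    if not (xfo and xfo[0] in ("DENY", "SAMEORIGIN")) \
            and csp_directive(h, "frame-ancestors") is None:
        findings.append("Missing Anti-clickjacking Header")

    if "content-security-policy" not in h:
        findings.append("Content Security Policy (CSP) Header Not Set")

    if [v.lower() for v in h.get("x-content-type-options", [])] != ["nosniff"]:
        findings.append("X-Content-Type-Options Header Missing")

    if "x-powered-by" in h:
        findings.append('Server Leaks Information via "X-Powered-By" '
                        'HTTP Response Header Field(s)')

    # A digit in the Server field almost always means a version string.
    if any(re.search(r"\d", v) for v in h.get("server", [])):
        findings.append('Server Leaks Version Information via "Server" '
                        'HTTP Response Header Field')
    return findings


if __name__ == "__main__":
    for label, head in (("captured", SAMPLE_RESPONSE), ("hardened", HARDENED_RESPONSE)):
        print(label, audit(head) or "no findings")
```

Run against the captured head it returns all five summary alerts; against the hardened head it returns none. Producing the hardened head on the stack the report fingerprints (nginx 1.19 in front of PHP 5.6) is a configuration change rather than an application change: `server_tokens off;` and `add_header` lines for X-Frame-Options, Content-Security-Policy and X-Content-Type-Options (with `always` so error responses get them too) in the nginx server block, and `expose_php = Off` in php.ini to drop X-Powered-By. Use frame-ancestors rather than relying on X-Frame-Options alone when any page legitimately needs to be framed by a specific origin, since ALLOW-FROM is not honoured by current browsers.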
| URL | http://testphp.vulnweb.com/product.php?pic=2 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=2 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6368 |
| Response Body - size: 6,368 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Mistery</h2><div class='story'><p><a href='showimage.php?file=./pictures/2.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/2.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Donec molestie. Sed aliquam sem ut arcu.</p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $800</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='800'><input type='hidden' name='addcart' value='2'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> 
<div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=3 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=3 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6401 |
| Response Body - size: 6,401 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>The universe</h2><div class='story'><p><a href='showimage.php?file=./pictures/3.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/3.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet. Donec molestie. Sed aliquam sem ut arcu.</p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $986</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='986'><input type='hidden' name='addcart' value='3'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> 
<div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=4 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=4 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6453 |
| Response Body - size: 6,453 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Walking</h2><div class='story'><p><a href='showimage.php?file=./pictures/4.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/4.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. </p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $1000</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='1000'><input type='hidden' name='addcart' value='4'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar 
--> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=5 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=5 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6382 |
| Response Body - size: 6,382 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Mean</h2><div class='story'><p><a href='showimage.php?file=./pictures/5.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/5.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit.</p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $460</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='460'><input type='hidden' name='addcart' value='5'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> 
<div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=6 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=6 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=2 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6454 |
| Response Body - size: 6,454 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Thing</h2><div class='story'><p><a href='showimage.php?file=./pictures/6.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/6.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. </p><h3>Long description</h3><p><p> This picture is an 99 cm x 200 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $10000</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='10000'><input type='hidden' name='addcart' value='6'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar 
--> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=7 |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=7 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5734 |
| Response Body - size: 5,734 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Trees</h2><div class='story'><p><a href='showimage.php?file=./pictures/7.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/7.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>bla bla bla</p><h3>Long description</h3><p>bla bla bla long</p><p>painted by: <a href='artists.php?artist=2'>Blad3</a></p><p>the price of this item is: $15000</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='15000'><input type='hidden' name='addcart' value='7'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a 
href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/signup.php |
| Method | GET |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 296 bytes. |
GET http://testphp.vulnweb.com/signup.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/login.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6033 |
| Response Body - size: 6,033 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>signup</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <div class="story"> <h2 id="pageName">Signup new user</h2> <h4>Please do not enter real information here.</h4> <h4>If you press the 
submit button you will be transferred to asecured connection.</h4> <form name="form1" method="post" action="/secured/newuser.php"> <table border="0" cellspacing="1" cellpadding="4"> <tr><td valign="top">Username:</td><td><input type="text" name="uuname" style="width:200px"></td></tr> <tr><td valign="top">Password:</td><td><input type="password" name="upass" style="width:200px"></td></tr> <tr><td valign="top">Retype password:</td><td><input type="password" name="upass2" style="width:200px"></td></tr> <tr><td valign="top">Name:</td><td><input type="text" name="urname" style="width:200px"></td></tr> <tr><td valign="top">Credit card number:</td><td><input type="text" name="ucc" style="width:200px"></td></tr> <tr><td valign="top">E-Mail:</td><td><input type="text" name="uemail" style="width:200px"></td></tr> <tr><td valign="top">Phone number:</td><td><input type="text" name="uphone" style="width:200px"></td></tr> <tr><td valign="top">Address:</td><td><textarea wrap="soft" name="uaddress" rows="5" style="width:200px"></textarea></td></tr> <tr><td colspan="2" align="right"><input type="submit" value="signup" name="signup"></td></tr> </table> </form> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a 
href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/cart.php |
| Method | POST |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 372 bytes. |
POST http://testphp.vulnweb.com/cart.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
content-type: application/x-www-form-urlencoded
referer: http://testphp.vulnweb.com/product.php?pic=1
content-length: 19 |
| Request Body - size: 19 bytes. |
price=500&addcart=1
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4903 |
| Response Body - size: 4,903 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>you cart</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Error</h2> <div class='story'> <p>You are not logged on. 
To log on please visit our <a href='login.php'>login page</a></p> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div 
style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/guestbook.php |
| Method | POST |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 373 bytes. |
POST http://testphp.vulnweb.com/guestbook.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
content-type: application/x-www-form-urlencoded
referer: http://testphp.vulnweb.com/guestbook.php
content-length: 33 |
| Request Body - size: 33 bytes. |
name=ZAP&text=&submit=add+message
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5393 |
| Response Body - size: 5,393 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>guestbook</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <div class="story"> <table width="100%" cellpadding="4" cellspacing="1"><tr><td colspan="2"><h2>Our 
guestbook</h2></td></tr><tr><td align="left" valign="middle" style="background-color:#F5F5F5"><strong>ZAP</strong></td><td align="right" style="background-color:#F5F5F5">04.01.2025, 5:52 am</td></tr><tr><td colspan="2"><img src="/images/remark.gif"> </td></tr></table> </div> <div class="story"> <form action="" method="post" name="faddentry"> <input type="hidden" name="name" value="anonymous user"> <textarea name="text" rows="5" wrap="VIRTUAL" style="width:500px;"></textarea> <br> <input type="submit" name="submit" value="add message"> </form> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high 
pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/search.php?test=query |
| Method | POST |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 367 bytes. |
POST http://testphp.vulnweb.com/search.php?test=query HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
content-type: application/x-www-form-urlencoded
referer: http://testphp.vulnweb.com
content-length: 25 |
| Request Body - size: 25 bytes. |
searchFor=ZAP&goButton=go
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4772 |
| Response Body - size: 4,772 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>search</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>searched for: ZAP</h2></div> <!-- InstanceEndEditable --> <!--end content --> 
<div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. 
This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/secured/newuser.php |
| Method | POST |
| Parameter | x-frame-options |
| Attack | |
| Evidence | |
| Request Header - size: 376 bytes. |
POST http://testphp.vulnweb.com/secured/newuser.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
content-type: application/x-www-form-urlencoded
referer: http://testphp.vulnweb.com/signup.php
content-length: 96 |
| Request Body - size: 96 bytes. |
uuname=ZAP&upass=ZAP&upass2=ZAP&urname=ZAP&ucc=ZAP&uemail=ZAP&uphone=ZAP&uaddress=&signup=signup
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 733 |
| Response Body - size: 733 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html> <head> <title>add new user</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <link href="style.css" rel="stylesheet" type="text/css"> </head> <body> <div id="masthead"> <h1 id="siteName">ACUNETIX ART</h1> </div> <div id="content"> <p>You have been introduced to our database with the above informations:</p><ul><li>Username: ZAP</li><li>Password: ZAP</li><li>Name: ZAP</li><li>Address: </li><li>E-Mail: ZAP</li><li>Phone number: ZAP</li><li>Credit card: ZAP</li></ul><p>Now you can login from <a href='http://testphp.vulnweb.com/login.php'>here.</p></div> </body> </html> |
| Instances | 44 |
| Solution |
Modern web browsers support the Content-Security-Policy and X-Frame-Options HTTP headers. Ensure one of them is set on every page returned by the site/app, including responses to POST requests such as the search.php and newuser.php instances above.
If the page is expected to be framed only by pages from the same origin (e.g. it is part of a FRAMESET), use X-Frame-Options: SAMEORIGIN; if the page should never be framed, use X-Frame-Options: DENY. Do not rely on ALLOW-FROM, which current browsers do not support. Alternatively, or in addition, set the Content Security Policy frame-ancestors directive ('none' or 'self'), which supersedes X-Frame-Options in browsers that support it and also allows a list of permitted framing origins.
|
| Reference | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options |
| Tags | WSTG-v42-CLNT-09, OWASP_2021_A05, OWASP_2017_A06, CWE-1021 |
| CWE Id | 1021 |
| WASC Id | 15 |
| Plugin Id | 10020 |
|
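The following Python script is an added example; it is not part of the ZAP report or of the testphp.vulnweb.com application. It applies the two checks this report makes to raw response header blocks: the anti-clickjacking check described in the Solution above (X-Frame-Options DENY/SAMEORIGIN, or CSP frame-ancestors, with ALLOW-FROM and conflicting values treated as ineffective) and the "X-Powered-By"/"Server" version-leak check of the Low finding that follows. Both sample header blocks are constructed for this example: the first reproduces the target headers the report shows for search.php, the second is a hypothetical hardened response. The result labels ('csp', 'xfo', 'weak', 'none') are this example's own naming.

```python
import re

# Constructed sample: the response headers the report shows for
# http://testphp.vulnweb.com/search.php?test=query, one header per line.
# The X-Cache / X-Cache-Lookup / Via headers in the report come from the
# scanner-side squid proxy (localhost:3128), not from the target, so they
# are left out here; an audit should not attribute them to the target.
SAMPLE_UNPROTECTED = """HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
Connection: keep-alive
Content-Length: 4772
"""

# Constructed, hypothetical hardened response for the same page.
SAMPLE_HARDENED = """HTTP/1.1 200 OK
Server: nginx
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Frame-Options: DENY
Content-Security-Policy: default-src 'self'; frame-ancestors 'none'
Connection: keep-alive
Content-Length: 4772
"""

VERSION_RE = re.compile(r"\d+\.\d+")  # matches nginx/1.19.0, PHP/5.6.40, ...


def parse_headers(raw):
    """Parse an HTTP/1.x status line plus headers into {lower-name: [values]}."""
    headers = {}
    for line in raw.splitlines()[1:]:  # skip the status line
        if not line.strip():           # blank line ends the header block
            break
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers


def csp_frame_ancestors(headers):
    """Return the source list of the CSP frame-ancestors directive, or None."""
    for policy in headers.get("content-security-policy", []):
        for directive in policy.split(";"):
            tokens = directive.split()
            if tokens and tokens[0].lower() == "frame-ancestors":
                return tokens[1:]
    return None


def framing_protection(headers):
    """Classify the anti-clickjacking posture of one response.

    'csp'  : CSP frame-ancestors is present (browsers honour it over XFO)
    'xfo'  : a single X-Frame-Options header with DENY or SAMEORIGIN
    'weak' : X-Frame-Options present but ineffective (ALLOW-FROM, unknown
             value, or several conflicting values, which browsers ignore)
    'none' : neither header present, i.e. the ZAP finding above
    """
    if csp_frame_ancestors(headers) is not None:
        return "csp"
    xfo = headers.get("x-frame-options", [])
    if not xfo:
        return "none"
    if len(xfo) == 1 and xfo[0].upper() in ("DENY", "SAMEORIGIN"):
        return "xfo"
    return "weak"


def fingerprint_leaks(headers):
    """Return (header, value) pairs that identify the server stack.

    X-Powered-By is flagged whenever present (it has no client-side use);
    Server is flagged only when it carries a version number.
    """
    leaks = [("x-powered-by", v) for v in headers.get("x-powered-by", [])]
    leaks += [("server", v) for v in headers.get("server", [])
              if VERSION_RE.search(v)]
    return leaks


def audit(raw):
    """Run both checks on a raw header block and return a small report dict."""
    headers = parse_headers(raw)
    return {"framing": framing_protection(headers),
            "leaks": fingerprint_leaks(headers)}


if __name__ == "__main__":
    for label, raw in (("as scanned", SAMPLE_UNPROTECTED),
                       ("hardened", SAMPLE_HARDENED)):
        print(label, audit(raw))
```

On the nginx 1.19.0 front end the report identifies, the corresponding fix is an add_header directive for X-Frame-Options and Content-Security-Policy (with the always parameter so error responses get it too) plus server_tokens off; to drop the version from the Server header, and expose_php = Off in php.ini to stop PHP emitting X-Powered-By; re-running the audit against the live headers confirms the change took effect.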
| Low | Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) |
|---|---|
| Description |
The web/application server is leaking information via one or more "X-Powered-By" HTTP response headers. Such information helps an attacker identify the frameworks and components the application depends on and look up the vulnerabilities those components are subject to. Here the header discloses the exact PHP build (5.6.40 from the deb.sury.org packages on Ubuntu 20.04), a PHP branch that no longer receives security fixes.
|
| URL | http://testphp.vulnweb.com |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 238 bytes. |
GET http://testphp.vulnweb.com HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:51:59 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4958 |
| Response Body - size: 4,958 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>Home of Acunetix Art</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id="pageName">welcome to our page</h2> <div class="story"> <h3>Test site for 
Acunetix WVS.</h3> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | <a href="/Mod_Rewrite_Shop/">Shop</a> | <a href="/hpp/">HTTP Parameter Pollution</a> | ©2019 Acunetix Ltd </div> <br> <div 
style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/AJAX/index.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 290 bytes. |
GET http://testphp.vulnweb.com/AJAX/index.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4236 |
| Response Body - size: 4,236 bytes. |
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>ajax test</title> <link href="styles.css" rel="stylesheet" type="text/css" /> <script type="text/javascript"> var httpreq = null; function SetContent(XML) { var items = XML.getElementsByTagName('items').item(0).getElementsByTagName('item'); var inner = '<ul>'; for(i=0; i<items.length; i++){ inner = inner + '<li><a href="javascript:getInfo(\'' + items[i].attributes.item(0).value + '\', \'' + items[i].attributes.item(1).value + '\')">' + items[i].firstChild.nodeValue + '</a></li>'; } inner = inner + '</ul>' cd = document.getElementById('contentDiv'); cd.innerHTML = inner; id = document.getElementById('infoDiv'); id.innerHTML = ''; } function httpCompleted() { if (httpreq.readyState==4 && httpreq.status==200) { SetContent(httpreq.responseXML); httpreq = null; } } function SetInfo(XML) { var ii = XML.getElementsByTagName('iteminfo').item(0); var inner = ''; inner = inner + '<p><strong>' + ii.getElementsByTagName('name').item(0).firstChild.nodeValue + '</strong></p>'; pict = ii.getElementsByTagName('picture'); if(pict.length>0){ inner = inner + '<img src="../showimage.php?file=' + pict.item(0).firstChild.nodeValue + '"/>'; } descs = ii.getElementsByTagName('description'); for (i=0; i<descs.length; i++){ inner = inner + '<p>' + descs.item(i).firstChild.nodeValue + '</p>'; } id = document.getElementById('infoDiv'); id.innerHTML = inner; } function httpInfoCompleted() { if (httpreq.readyState==4 && httpreq.status==200) { SetInfo(httpreq.responseXML); httpreq = null; } } function loadSomething(what) { getHttpRequest(); httpreq.open('GET', what, true); httpreq.send(''); } function getInfo(where, which) { getHttpRequest(); httpreq.onreadystatechange = httpInfoCompleted; if (where=='infotitle'){ httpreq.open('POST', where+'.php', true); httpreq.setRequestHeader('content-type', 'application/x-www-form-urlencoded'); httpreq.send('id='+which); } 
else { httpreq.open('GET', where+'.php?id='+which, true); httpreq.send(''); } } function xmlCompleted () { if (httpreq.readyState==4 && httpreq.status==200) { xd = document.getElementById('xmlDiv'); xd.innerHTML = httpreq.responseText; httpreq = null; } } function sendXML () { getHttpRequest(); httpreq.onreadystatechange = xmlCompleted; httpreq.open('POST', 'showxml.php'); httpreq.setRequestHeader('content-type', 'text/xml'); httpreq.send('<xml><node name="nodename1">nodetext1</node><node name="nodename2">nodetext2</node></xml>'); } function getHttpRequest() { // free the curent one if (httpreq!=null){ httpreq.abort(); httpreq = null; } if( window.XMLHttpRequest ) { httpreq = new XMLHttpRequest(); if (httpreq.overrideMimeType) { httpreq.overrideMimeType('text/xml'); } } else if(ActiveXObject) { httpreq = new ActiveXObject("Msxml2.XMLHTTP"); } httpreq.onreadystatechange = httpCompleted; } function SetMyCookie() { document.cookie = "mycookie=3"; alert('A cookie was set by JavaScript.'); } </script> </head> <body> <table border="0" cellpadding="3" width="500" align="center"> <tr> <td class="bordered"> <a href="javascript:loadSomething('artists.php');">artists</a> | <a href="javascript:loadSomething('categories.php');">categories</a> | <a href="#" onclick="loadSomething('titles.php')">titles</a> | <a href="#" onclick="sendXML()">send xml</a> | <a href="#" onclick="SetMyCookie()">setcookie</a> </td> </tr> <tr> <td> <div id="contentDiv"> </div> </td> </tr> <tr> <td> <div id="infoDiv"> </div> </td> </tr> <tr> <td> <div id="xmlDiv"> </div> </td> </tr> </table> </body> </html> |
| URL | http://testphp.vulnweb.com/artists.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 287 bytes. |
GET http://testphp.vulnweb.com/artists.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5328 |
| Response Body - size: 5,328 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>artists</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <div class='story'><a href='artists.php?artist=1'><h3>r4w8173</h3></a><p><a href='#' 
onClick="window.open('./comment.php?aid=1','comment','width=500,height=400')">comment on this artist</a></p></div><div class='story'><a href='artists.php?artist=2'><h3>Blad3</h3></a><p><a href='#' onClick="window.open('./comment.php?aid=2','comment','width=500,height=400')">comment on this artist</a></p></div><div class='story'><a href='artists.php?artist=3'><h3>lyzae</h3></a><p><a href='#' onClick="window.open('./comment.php?aid=3','comment','width=500,height=400')">comment on this artist</a></p></div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high 
pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/artists.php?artist=1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 308 bytes. |
GET http://testphp.vulnweb.com/artists.php?artist=1 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6251 |
| Response Body - size: 6,251 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>artists</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>artist: r4w8173</h2><div class='story'><p><p> Lorem ipsum dolor sit amet, 
consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. </p> <p> Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. 
</p></p><p><a href='listproducts.php?artist=1'>view pictures of the artist</a></p><p><a href='#' onClick="window.open('./comment.php?aid=1','comment','width=500,height=400')">comment on this artist</a></p></div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a 
href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/artists.php?artist=2 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 308 bytes. |
GET http://testphp.vulnweb.com/artists.php?artist=2 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6193 |
| Response Body - size: 6,193 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>artists</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>artist: Blad3</h2><div class='story'><p><p> Lorem ipsum dolor sit amet, 
consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. </p> <p> Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. 
</p></p><p><a href='listproducts.php?artist=2'>view pictures of the artist</a></p><p><a href='#' onClick="window.open('./comment.php?aid=2','comment','width=500,height=400')">comment on this artist</a></p></div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a 
href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/artists.php?artist=3 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 308 bytes. |
GET http://testphp.vulnweb.com/artists.php?artist=3 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6193 |
| Response Body - size: 6,193 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>artists</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>artist: lyzae</h2><div class='story'><p><p> Lorem ipsum dolor sit amet, 
consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. </p> <p> Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenatis. Aliquam posuere lobortis pede. Nullam fringilla urna id leo. Praesent aliquet pretium erat. Praesent non odio. Pellentesque a magna a mauris vulputate lacinia. Aenean viverra. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Aliquam lacus. Mauris magna eros, semper a, tempor et, rutrum et, tortor. 
</p></p><p><a href='listproducts.php?artist=3'>view pictures of the artist</a></p><p><a href='#' onClick="window.open('./comment.php?aid=3','comment','width=500,height=400')">comment on this artist</a></p></div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a 
href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/cart.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 284 bytes. |
GET http://testphp.vulnweb.com/cart.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4903 |
| Response Body - size: 4,903 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>you cart</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Error</h2> <div class='story'> <p>You are not logged on. 
To log on please visit our <a href='login.php'>login page</a></p> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div 
style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/categories.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 290 bytes. |
GET http://testphp.vulnweb.com/categories.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6115 |
| Response Body - size: 6,115 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture categories</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id="pageName">categories</h2> <div class='story'><a 
href='listproducts.php?cat=1'><h3>Posters</h3></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenati</div><div class='story'><a href='listproducts.php?cat=2'><h3>Paintings</h3></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenati</div><div class='story'><a href='listproducts.php?cat=3'><h3>Stickers</h3></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. Cras venenati</div><div class='story'><a href='listproducts.php?cat=4'><h3>Graffity</h3></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. Vestibulum condimentum facilisis nulla. In hac habitasse platea dictumst. Nulla nonummy. Cras quis libero. 
Cras venenati</div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p 
style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/disclaimer.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 290 bytes. |
GET http://testphp.vulnweb.com/disclaimer.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5524 |
| Response Body - size: 5,524 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
|
| URL | http://testphp.vulnweb.com/guestbook.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 289 bytes. |
GET http://testphp.vulnweb.com/guestbook.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5390 |
| Response Body - size: 5,390 bytes. |
|
| URL | http://testphp.vulnweb.com/hpp/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 280 bytes. |
GET http://testphp.vulnweb.com/hpp/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 203 |
| Response Body - size: 203 bytes. |
<title>HTTP Parameter Pollution Example</title>
<a href="?pp=12">check</a><br/> <hr> <a href='http://blog.mindedsecurity.com/2009/05/client-side-http-parameter-pollution.html'>Original article</a> |
| URL | http://testphp.vulnweb.com/hpp/?pp=12 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 291 bytes. |
GET http://testphp.vulnweb.com/hpp/?pp=12 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/hpp/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 383 |
| Response Body - size: 383 bytes. |
<title>HTTP Parameter Pollution Example</title>
<a href="?pp=12">check</a><br/> <a href="params.php?p=valid&pp=12">link1</a><br/><a href="params.php?p=valid&pp=12">link2</a><br/><form action="params.php?p=valid&pp=12"><input type=submit name=aaaa/></form><br/> <hr> <a href='http://blog.mindedsecurity.com/2009/05/client-side-http-parameter-pollution.html'>Original article</a> |
| URL | http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=12 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 315 bytes. |
GET http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=12 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/hpp/?pp=12 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 404 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 7 |
| Response Body - size: 7 bytes. |
valid12
|
| URL | http://testphp.vulnweb.com/index.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 285 bytes. |
GET http://testphp.vulnweb.com/index.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4958 |
| Response Body - size: 4,958 bytes. |
|
| URL | http://testphp.vulnweb.com/listproducts.php?artist=1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 322 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?artist=1 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php?artist=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 7994 |
| Response Body - size: 7,994 bytes. |
|
| URL | http://testphp.vulnweb.com/listproducts.php?artist=2 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 322 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?artist=2 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php?artist=2 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5193 |
| Response Body - size: 5,193 bytes. |
|
| URL | http://testphp.vulnweb.com/listproducts.php?artist=3 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 322 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?artist=3 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/artists.php?artist=3 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4699 |
| Response Body - size: 4,699 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>pictures</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" 
method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. 
It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
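Every instance of this alert carries the same two disclosures in the response headers: `X-Powered-By` names the exact PHP build, and `Server` names the nginx version. The `X-Cache`, `X-Cache-Lookup` and `Via` lines, by contrast, point at `localhost:3128`, so the squid and C-ICAP versions they expose belong to the proxy the scanner was sent through, not to testphp.vulnweb.com, and should not be reported against the target. The script below is an added example, not part of the ZAP report or of the scanned application: it parses a captured response header block (the one from the instance above, copied into the script as a constant) and classifies each leak, separating scanner-side intermediary noise from target findings. The header lists, the `proxy_hosts` heuristic and the remediation table are this example's own choices; the `expose_php`, `server_tokens` and `fastcgi_hide_header` directives are real PHP and nginx settings.

```python
import re

# Response headers exactly as captured in the scan instance above.
# The X-Cache / X-Cache-Lookup / Via lines name "localhost", i.e. the
# scanner's own forward proxy, not the target web server.
SAMPLE_RESPONSE_HEADERS = """HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4699
"""

# Headers whose mere presence names the technology stack (example's own list).
DISCLOSURE_HEADERS = {"x-powered-by", "x-aspnet-version", "x-aspnetmvc-version"}
# Headers that are acceptable unless they carry a version string.
VERSIONED_HEADERS = {"server", "via"}
# Matches "product/major.minor[.patch]" tokens such as nginx/1.19.0 or PHP/5.6.40.
VERSION_RE = re.compile(r"\b[\w.+-]+/\d+(?:\.\d+)+")

# Where each leak is switched off (real directives; example's own mapping).
REMEDIATION = {
    "x-powered-by": "php.ini: expose_php = Off  (or nginx: fastcgi_hide_header X-Powered-By;)",
    "server": "nginx.conf: server_tokens off;  (drops the version, still says nginx)",
    "via": "check the proxy in front of the origin; if it is the scanner's, ignore",
}


def parse_headers(raw):
    """Split a raw HTTP response head into (status_line, [(name, value), ...]).

    Header names are lower-cased because HTTP treats them case-insensitively;
    ZAP itself prints some of them in lower case (content-length above).
    """
    lines = raw.strip().splitlines()
    status = lines[0]
    headers = []
    for line in lines[1:]:
        if ":" not in line:
            continue
        name, value = line.split(":", 1)
        headers.append((name.strip().lower(), value.strip()))
    return status, headers


def find_leaks(raw, proxy_hosts=("localhost",)):
    """Return [(header, value, reason)] for every version/technology disclosure.

    A versioned Via header that names one of proxy_hosts is flagged as an
    intermediary finding so it is not attributed to the target server.
    """
    _, headers = parse_headers(raw)
    findings = []
    for name, value in headers:
        if name in DISCLOSURE_HEADERS:
            findings.append((name, value, "technology disclosure"))
        elif name in VERSIONED_HEADERS and VERSION_RE.search(value):
            if name == "via" and any(host in value for host in proxy_hosts):
                findings.append((name, value, "version in intermediary (scanner-side proxy)"))
            else:
                findings.append((name, value, "version disclosure"))
    return findings


def report(raw):
    """Human-readable summary with the matching remediation for each leak."""
    lines = []
    for name, value, reason in find_leaks(raw):
        lines.append(f"{name}: {value}\n  {reason}\n  fix: {REMEDIATION[name]}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SAMPLE_RESPONSE_HEADERS))
```

Run it against any other instance in this report by pasting that instance's response header block into `SAMPLE_RESPONSE_HEADERS`; after `expose_php = Off` and `server_tokens off;` the same function should return nothing for `X-Powered-By` and `Server`, which is the check to re-run before closing the alert.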
| URL | http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 313 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?cat=1 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/categories.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 7880 |
| Response Body - size: 7,880 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>pictures</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Posters</h2><div class='story'><a href='product.php?pic=1'><h3>The shore</h3></a><p><a 
href='showimage.php?file=./pictures/1.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/1.jpg&size=160' width='160' height='100'></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu.</p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p><a href='#' onClick="window.open('./comment.php?pid=1','comment','width=500,height=400')">comment on this picture</a></p></div><div class='story'><a href='product.php?pic=2'><h3>Mistery</h3></a><p><a href='showimage.php?file=./pictures/2.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/2.jpg&size=160' width='160' height='100'></a>Donec molestie. Sed aliquam sem ut arcu.</p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p><a href='#' onClick="window.open('./comment.php?pid=2','comment','width=500,height=400')">comment on this picture</a></p></div><div class='story'><a href='product.php?pic=3'><h3>The universe</h3></a><p><a href='showimage.php?file=./pictures/3.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/3.jpg&size=160' width='160' height='100'></a>Lorem ipsum dolor sit amet. Donec molestie. Sed aliquam sem ut arcu.</p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p><a href='#' onClick="window.open('./comment.php?pid=3','comment','width=500,height=400')">comment on this picture</a></p></div><div class='story'><a href='product.php?pic=4'><h3>Walking</h3></a><p><a href='showimage.php?file=./pictures/4.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/4.jpg&size=160' width='160' height='100'></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. 
</p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p><a href='#' onClick="window.open('./comment.php?pid=4','comment','width=500,height=400')">comment on this picture</a></p></div><div class='story'><a href='product.php?pic=5'><h3>Mean</h3></a><p><a href='showimage.php?file=./pictures/5.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/5.jpg&size=160' width='160' height='100'></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit.</p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p><a href='#' onClick="window.open('./comment.php?pid=5','comment','width=500,height=400')">comment on this picture</a></p></div><div class='story'><a href='product.php?pic=7'><h3>Trees</h3></a><p><a href='showimage.php?file=./pictures/7.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/7.jpg&size=160' width='160' height='100'></a>bla bla bla</p><p>painted by: <a href='artists.php?artist=2'>Blad3</a></p><p><a href='#' onClick="window.open('./comment.php?pid=7','comment','width=500,height=400')">comment on this picture</a></p></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a 
href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/listproducts.php?cat=2 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 313 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?cat=2 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/categories.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5311 |
| Response Body - size: 5,311 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>pictures</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Paintings</h2><div class='story'><a href='product.php?pic=6'><h3>Thing</h3></a><p><a 
href='showimage.php?file=./pictures/6.jpg' target='_blank'><img style='cursor:pointer' border='0' align='left' src='showimage.php?file=./pictures/6.jpg&size=160' width='160' height='100'></a>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. </p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p><a href='#' onClick="window.open('./comment.php?pid=6','comment','width=500,height=400')">comment on this picture</a></p></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high 
pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/listproducts.php?cat=3 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 313 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?cat=3 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/categories.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4699 |
| Response Body - size: 4,699 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>pictures</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" 
method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. 
It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/listproducts.php?cat=4 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 313 bytes. |
GET http://testphp.vulnweb.com/listproducts.php?cat=4 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/categories.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 4699 |
| Response Body - size: 4,699 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>pictures</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" 
method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. 
It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/login.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 285 bytes. |
GET http://testphp.vulnweb.com/login.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5523 |
| Response Body - size: 5,523 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>login page</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <!-- here goes headers headers --> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <div class="story"> <h3>If you are already registered please enter your login information 
below:</h3><br> <form name="loginform" method="post" action="userinfo.php"> <table cellpadding="4" cellspacing="1"> <tr><td>Username : </td><td><input name="uname" type="text" size="20" style="width:120px;"></td></tr> <tr><td>Password : </td><td><input name="pass" type="password" size="20" style="width:120px;"></td></tr> <tr><td colspan="2" align="right"><input type="submit" value="login" style="width:75px;"></td></tr> </table> </form> </div> <div class="story"> <h3> You can also <a href="signup.php">signup here</a>.<br> Signup disabled. Please use the username <font color='red'>test</font> and the password <font color='red'>test</font>. </h3> </div> </div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" 
value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 293 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 975 |
| Response Body - size: 975 bytes. |
<html>
<div id="content"> <div class='product'><table><tr><td width='180px'><img src='images/1.jpg'></td><td width='400px'><a href='Details/network-attached-storage-dlink/1/'>Network Storage D-Link DNS-313 enclosure 1 x SATA</a></td><td width='50px' bgcolor='#F8F8F8'><a href='Details/network-attached-storage-dlink/1/'>Price<br>359 €</a></td></table></tr></div><div class='product'><table><tr><td width='180px'><img src='images/2.jpg'></td><td width='400px'><a href='Details/web-camera-a4tech/2/'>Web Camera A4Tech PK-335E</a></td><td width='50px' bgcolor='#F8F8F8'><a href='Details/web-camera-a4tech/2/'>Price<br>10 €</a></td></table></tr></div><div class='product'><table><tr><td width='180px'><img src='images/3.jpg'></td><td width='400px'><a href='Details/color-printer/3/'>Laser Color Printer HP LaserJet M551dn, A4</a></td><td width='50px' bgcolor='#F8F8F8'><a href='Details/color-printer/3/'>Price<br>812 €</a></td></table></tr></div></div> </html> |
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-1/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 365 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-1/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 100 |
| Response Body - size: 100 bytes. |
<div>Thanks for buying <b> Network Storage D-Link DNS-313 enclosure 1 x SATA</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-2/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 352 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-2/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech/2/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 405 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 76 |
| Response Body - size: 76 bytes. |
<div>Thanks for buying <b> Web Camera A4Tech PK-335E</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-3/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 348 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-3/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer/3/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 405 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 93 |
| Response Body - size: 93 bytes. |
<div>Thanks for buying <b> Laser Color Printer HP LaserJet M551dn, A4</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer/3/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 335 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer/3/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 313 |
| Response Body - size: 313 bytes. |
<div><img src='/Mod_Rewrite_Shop/images/3.jpg'><b>Laser Color Printer HP LaserJet M551dn, A4</b><br><br>Laser Color Printer HP LaserJet M551dn, A4<br><a href='/Mod_Rewrite_Shop/BuyProduct-3/'>Buy</a> <a href='/Mod_Rewrite_Shop/RateProduct-3.html'>Rate</a></div><hr><a href='/Mod_Rewrite_Shop/'>Back</a>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 352 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 319 |
| Response Body - size: 319 bytes. |
<div><img src='/Mod_Rewrite_Shop/images/1.jpg'><b>Network Storage D-Link DNS-313 enclosure 1 x SATA</b><br><br>NET STORAGE ENCLOSURE SATA DNS-313 D-LINK<br><a href='/Mod_Rewrite_Shop/BuyProduct-1/'>Buy</a> <a href='/Mod_Rewrite_Shop/RateProduct-1.html'>Rate</a></div><hr><a href='/Mod_Rewrite_Shop/'>Back</a>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech/2/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 339 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech/2/ HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 279 |
| Response Body - size: 279 bytes. |
<div><img src='/Mod_Rewrite_Shop/images/2.jpg'><b>Web Camera A4Tech PK-335E</b><br><br>Web Camera A4Tech PK-335E<br><a href='/Mod_Rewrite_Shop/BuyProduct-2/'>Buy</a> <a href='/Mod_Rewrite_Shop/RateProduct-2.html'>Rate</a></div><hr><a href='/Mod_Rewrite_Shop/'>Back</a>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-1.html |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 370 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-1.html HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 406 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 100 |
| Response Body - size: 100 bytes. |
<div>Thanks for rating <b> Network Storage D-Link DNS-313 enclosure 1 x SATA</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-2.html |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 357 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-2.html HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech/2/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 405 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 76 |
| Response Body - size: 76 bytes. |
<div>Thanks for rating <b> Web Camera A4Tech PK-335E</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-3.html |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 353 bytes. |
GET http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-3.html HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer/3/ |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 405 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:06 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 93 |
| Response Body - size: 93 bytes. |
<div>Thanks for rating <b> Laser Color Printer HP LaserJet M551dn, A4</b><br><br></div>
|
| URL | http://testphp.vulnweb.com/privacy.php |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 287 bytes. |
GET http://testphp.vulnweb.com/privacy.php HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 412 bytes. |
HTTP/1.1 404 Not Found
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:00 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 16 |
| Response Body - size: 16 bytes. |
File not found.
|
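The privacy.php instance above is worth a closer look: the response is a 404, yet it still carries the full PHP build string, so the disclosure is a property of the server configuration rather than of any single page. The script below is an added example written for this report; it is not ZAP code and not part of the testphp.vulnweb.com application. It parses a raw response head, pulls product/version tokens out of the headers that commonly fingerprint a stack, and, going slightly beyond the X-Powered-By alert, also lists the hardening headers whose absence this report flags elsewhere (Content-Security-Policy, X-Frame-Options, X-Content-Type-Options). The first sample response is constructed from the headers recorded for privacy.php; the second is an assumed target state, not something the scan observed, showing what the same endpoint returns once `expose_php = Off` is set in php.ini and `server_tokens off;` in the nginx configuration, with the three hardening headers added.

```python
"""Offline audit of response headers for version disclosure and missing hardening.

Added example for this scan report (not ZAP code). Sample responses are
constructed inline so the script runs without network access.
"""
import re
from typing import Dict, List, Tuple

# Constructed sample: header block recorded by the scan for
# http://testphp.vulnweb.com/privacy.php (body omitted, not needed here).
SAMPLE_RESPONSE = (
    "HTTP/1.1 404 Not Found\r\n"
    "Server: nginx/1.19.0\r\n"
    "Date: Tue, 01 Apr 2025 05:52:00 GMT\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1\r\n"
    "X-Cache: MISS from localhost\r\n"
    "X-Cache-Lookup: MISS from localhost:3128\r\n"
    "Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ),"
    " 1.1 localhost (squid/5.8)\r\n"
    "Connection: keep-alive\r\n"
    "content-length: 16\r\n"
    "\r\n"
)

# Assumed hardened state (not observed by the scan): server_tokens off in nginx
# strips the version from Server, expose_php=Off removes X-Powered-By, and the
# three hardening headers from this report's medium/low alerts are present.
HARDENED_RESPONSE = (
    "HTTP/1.1 404 Not Found\r\n"
    "Server: nginx\r\n"
    "Date: Tue, 01 Apr 2025 05:52:00 GMT\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "Content-Security-Policy: default-src 'self'\r\n"
    "X-Frame-Options: DENY\r\n"
    "X-Content-Type-Options: nosniff\r\n"
    "Connection: keep-alive\r\n"
    "content-length: 16\r\n"
    "\r\n"
)

# Headers that routinely identify server-side software; a version token in any
# of them is what the "Server Leaks ..." alerts in this report are about.
FINGERPRINT_HEADERS = ("server", "x-powered-by", "via", "x-aspnet-version", "x-generator")

# Headers whose absence corresponds to the CSP / anti-clickjacking /
# X-Content-Type-Options alerts elsewhere in the report.
HARDENING_HEADERS = ("content-security-policy", "x-frame-options", "x-content-type-options")

# product/version token, e.g. nginx/1.19.0, PHP/5.6.40, squid/5.8
VERSION_RE = re.compile(r"\b([A-Za-z][\w.-]*)/(\d+(?:\.\d+)+)")


def parse_headers(raw: str) -> Tuple[str, Dict[str, List[str]]]:
    """Split a raw HTTP response head into (status line, header map).

    Field names are lower-cased because HTTP header names are case-insensitive
    (the scan itself recorded both 'Content-Type' and 'content-length');
    repeated fields are kept as a list.
    """
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers: Dict[str, List[str]] = {}
    for line in lines[1:]:
        if ":" not in line:
            continue
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return lines[0], headers


def version_leaks(headers: Dict[str, List[str]]) -> List[Tuple[str, str, str]]:
    """Return (header, product, version) for every version token in a fingerprint header."""
    leaks = []
    for name in FINGERPRINT_HEADERS:
        for value in headers.get(name, []):
            for product, version in VERSION_RE.findall(value):
                leaks.append((name, product, version))
    return leaks


def missing_hardening(headers: Dict[str, List[str]]) -> List[str]:
    """Return the hardening headers that are absent, in the order of HARDENING_HEADERS."""
    return [h for h in HARDENING_HEADERS if h not in headers]


def audit(raw: str) -> dict:
    """Run both checks on one raw response head."""
    status, headers = parse_headers(raw)
    return {"status": status, "version_leaks": version_leaks(headers),
            "missing": missing_hardening(headers)}


if __name__ == "__main__":
    for label, raw in (("as scanned", SAMPLE_RESPONSE), ("hardened", HARDENED_RESPONSE)):
        result = audit(raw)
        print(f"[{label}] {result['status']}")
        for header, product, version in result["version_leaks"]:
            print(f"  version leak: {header}: {product} {version}")
        for header in result["missing"]:
            print(f"  missing hardening header: {header}")
```

One attribution caveat when reading the output: the Via and X-Cache-Lookup values in the scanned sample name localhost:3128, which points at a proxy on the scanning side rather than at the target, so the ICAP/C-ICAP/squid tokens the script reports for that sample should be checked against the test setup before being written up against testphp.vulnweb.com. The nginx and PHP tokens, by contrast, appear on every instance in this report and are the target's own.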
| URL | http://testphp.vulnweb.com/product.php?pic=1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=1 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6428 |
| Response Body - size: 6,428 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>The shore</h2><div class='story'><p><a href='showimage.php?file=./pictures/1.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/1.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu.</p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $500</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='500'><input type='hidden' name='addcart' value='1'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> 
<div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=2 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=2 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6368 |
| Response Body - size: 6,368 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Mistery</h2><div class='story'><p><a href='showimage.php?file=./pictures/2.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/2.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Donec molestie. Sed aliquam sem ut arcu.</p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $800</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='800'><input type='hidden' name='addcart' value='2'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> 
<div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=3 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=3 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6401 |
| Response Body - size: 6,401 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>The universe</h2><div class='story'><p><a href='showimage.php?file=./pictures/3.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/3.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet. Donec molestie. Sed aliquam sem ut arcu.</p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $986</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='986'><input type='hidden' name='addcart' value='3'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> 
<div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=4 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=4 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6453 |
| Response Body - size: 6,453 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Walking</h2><div class='story'><p><a href='showimage.php?file=./pictures/4.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/4.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. </p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $1000</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='1000'><input type='hidden' name='addcart' value='4'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar 
--> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=5 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=5 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6382 |
| Response Body - size: 6,382 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Mean</h2><div class='story'><p><a href='showimage.php?file=./pictures/5.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/5.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit.</p><h3>Long description</h3><p><p> This picture is an 53 cm x 12 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $460</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='460'><input type='hidden' name='addcart' value='5'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar --> 
<div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=6 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=6 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=2 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 6454 |
| Response Body - size: 6,454 bytes. |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/main_dynamic_template.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2"> <!-- InstanceBeginEditable name="document_title_rgn" --> <title>picture details</title> <!-- InstanceEndEditable --> <link rel="stylesheet" href="style.css" type="text/css"> <!-- InstanceBeginEditable name="headers_rgn" --> <script language="javascript1.2"> <!-- function popUpWindow(URLStr, left, top, width, height) { window.open(URLStr, 'popUpWin', 'toolbar=no,location=no,directories=no,status=no,menub ar=no,scrollbar=no,resizable=no,copyhistory=yes,width='+width+',height='+height+',left='+left+', top='+top+',screenX='+left+',screenY='+top+''); } --> </script> <!-- InstanceEndEditable --> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> </head> <body> <div id="mainLayer" style="position:absolute; width:700px; z-index:1"> <div id="masthead"> <h1 id="siteName"><a href="https://www.acunetix.com/"><img src="images/logo.gif" width="306" height="38" border="0" alt="Acunetix website security"></a></h1> <h6 id="siteInfo">TEST and Demonstration site for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></h6> <div id="globalNav"> <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr> <td align="left"> <a href="index.php">home</a> | <a href="categories.php">categories</a> | <a href="artists.php">artists </a> | <a href="disclaimer.php">disclaimer</a> | <a href="cart.php">your cart</a> | <a 
href="guestbook.php">guestbook</a> | <a href="AJAX/index.php">AJAX Demo</a> </td> <td align="right"> </td> </tr></table> </div> </div> <!-- end masthead --> <!-- begin content --> <!-- InstanceBeginEditable name="content_rgn" --> <div id="content"> <h2 id='pageName'>Thing</h2><div class='story'><p><a href='showimage.php?file=./pictures/6.jpg' target='_blank'><img style='cursor:pointer' border='0' align='center' src='showimage.php?file=./pictures/6.jpg&size=160' width='160' height='100'></a><h3>Short description</h3><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec molestie. Sed aliquam sem ut arcu. Phasellus sollicitudin. </p><h3>Long description</h3><p><p> This picture is an 99 cm x 200 cm masterpiece. </p> <p> This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information.This text is not meant to be read. This is being used as a place holder. Please feel free to change this by inserting your own information. 
</p></p><p>painted by: <a href='artists.php?artist=1'>r4w8173</a></p><p>the price of this item is: $10000</p></div><div class='story'><form name='f_addcart' method='POST' action='cart.php'><input type='hidden' name='price' value='10000'><input type='hidden' name='addcart' value='6'><input type='submit' value='add this picture to cart'></form></div></div> <!-- InstanceEndEditable --> <!--end content --> <div id="navBar"> <div id="search"> <form action="search.php?test=query" method="post"> <label>search art</label> <input name="searchFor" type="text" size="10"> <input name="goButton" type="submit" value="go"> </form> </div> <div id="sectionLinks"> <ul> <li><a href="categories.php">Browse categories</a></li> <li><a href="artists.php">Browse artists</a></li> <li><a href="cart.php">Your cart</a></li> <li><a href="login.php">Signup</a></li> <li><a href="userinfo.php">Your profile</a></li> <li><a href="guestbook.php">Our guestbook</a></li> <li><a href="AJAX/index.php">AJAX Demo</a></li> </li> </ul> </div> <div class="relatedLinks"> <h3>Links</h3> <ul> <li><a href="http://www.acunetix.com">Security art</a></li> <li><a href="https://www.acunetix.com/vulnerability-scanner/php-security-scanner/">PHP scanner</a></li> <li><a href="https://www.acunetix.com/blog/articles/prevent-sql-injection-vulnerabilities-in-php-applications/">PHP vuln help</a></li> <li><a href="http://www.eclectasy.com/Fractal-Explorer/index.html">Fractal Explorer</a></li> </ul> </div> <div id="advert"> <p> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="107" height="66"> <param name="movie" value="Flash/add.swf"> <param name=quality value=high> <embed src="Flash/add.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="107" height="66"></embed> </object> </p> </div> </div> <!--end navbar 
--> <div id="siteInfo"> <a href="http://www.acunetix.com">About Us</a> | <a href="privacy.php">Privacy Policy</a> | <a href="mailto:wvs@acunetix.com">Contact Us</a> | ©2019 Acunetix Ltd </div> <br> <div style="background-color:lightgray;width:100%;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a real shop. This is an example PHP application, which is intentionally vulnerable to web attacks. It is intended to help you test Acunetix. It also helps you understand how developer errors and bad configuration may let someone break into your website. You can use it to test other tools and your manual hacking skills as well. Tip: Look for potential SQL Injections, Cross-site Scripting (XSS), and Cross-site Request Forgery (CSRF), and more.</p> </div> </div> </body> <!-- InstanceEnd --></html> |
| URL | http://testphp.vulnweb.com/product.php?pic=7 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 316 bytes. |
GET http://testphp.vulnweb.com/product.php?pic=7 HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 407 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:02 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 5734 |
| Response Body - size: 5,734 bytes. |
|
| URL | http://testphp.vulnweb.com/showimage.php?file='%20+%20pict.item(0).firstChild.nodeValue%20+%20' |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 359 bytes. |
GET http://testphp.vulnweb.com/showimage.php?file='%20+%20pict.item(0).firstChild.nodeValue%20+%20' HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/AJAX/index.php |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 392 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: image/jpeg
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 261 |
| Response Body - size: 261 bytes. |
Warning: fopen(' pict.item(0).firstChild.nodeValue '): failed to open stream: No such file or directory in /hj/var/www/showimage.php on line 13
Warning: fpassthru() expects parameter 1 to be resource, boolean given in /hj/var/www/showimage.php on line 19 |
| URL | http://testphp.vulnweb.com/showimage.php?file=./pictures/1.jpg |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1 |
| Request Header - size: 334 bytes. |
GET http://testphp.vulnweb.com/showimage.php?file=./pictures/1.jpg HTTP/1.1
host: testphp.vulnweb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://testphp.vulnweb.com/listproducts.php?cat=1 |
| Request Body - size: 0 bytes. |
|
| Response Header - size: 394 bytes. |
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Tue, 01 Apr 2025 05:52:01 GMT
Content-Type: image/jpeg
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: ICAP/1.0 BOBeProcure.BOBeProcure (C-ICAP/0.5.10 SquidClamav/Antivirus service ), 1.1 localhost (squid/5.8)
Connection: keep-alive
content-length: 12426 |
| Response Body - size: 12,426 bytes. |
|